money.faith Open in urlscan Pro
172.67.210.92 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://money.faith/
Submission: On September 24 via automatic, source certstream-suspicious (September 24th 2021, 12:01:38 pm UTC) — Scanned from DE

Summary HTTP 146 Redirects Links 48 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 23 domains to perform 146 HTTP transactions. The main IP is 172.67.210.92, located in United States and belongs to CLOUDFLARENET, US. The main domain is money.faith.
TLS certificate: Issued by R3 on September 23rd 2021. Valid for: 3 months.

This is the only time money.faith was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.67.210.92 172.67.210.92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
4	172.67.139.13 172.67.139.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.23.52 104.18.23.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
5	104.21.81.131 104.21.81.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.161.92.183 51.161.92.183	16276 (OVH) (OVH)
37	104.18.21.180 104.18.21.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
1	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
2	52.34.133.113 52.34.133.113	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
2	3.6.240.150 3.6.240.150	16509 (AMAZON-02) (AMAZON-02)
8	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	54.91.6.89 54.91.6.89	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
11	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
6	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
5	31.13.92.36 31.13.92.36	32934 (FACEBOOK) (FACEBOOK)
5	143.204.98.107 143.204.98.107	16509 (AMAZON-02) (AMAZON-02)
1	34.241.115.67 34.241.115.67	16509 (AMAZON-02) (AMAZON-02)
4	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
2	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
6	143.204.98.103 143.204.98.103	16509 (AMAZON-02) (AMAZON-02)
2 4	104.16.125.175 104.16.125.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.124.175 104.16.124.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	65.2.77.87 65.2.77.87	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.11 143.204.98.11	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.72 143.204.98.72	16509 (AMAZON-02) (AMAZON-02)
146	33

1 172.67.210.92 (United States)

ASN13335 (CLOUDFLARENET, US)

money.faith	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.139.13 (United States)

ASN13335 (CLOUDFLARENET, US)

app.groove.cm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.23.52 (None, )

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.21.81.131 (None, )

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.161.92.183 (Canada)

ASN16276 (OVH, FR)
PTR: ip183.ip-51-161-92.net

matomo.groovetech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 104.18.21.180 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.grooveapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.34.133.113 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-133-113.us-west-2.compute.amazonaws.com

kingsumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.6.240.150 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-6-240-150.ap-south-1.compute.amazonaws.com

api.vadoo.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.6.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-6-89.compute-1.amazonaws.com

paldesk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

kingsumo.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kingsumowebapp.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.98.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-107.fra50.r.cloudfront.net

widget.paldesk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.115.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-115-67.eu-west-1.compute.amazonaws.com

paldesk-stats.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.129.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.98.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-103.fra50.r.cloudfront.net

static.vadoo.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.125.175 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.124.175 (None, )

ASN13335 (CLOUDFLARENET, US)

www.unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.2.77.87 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-65-2-77-87.ap-south-1.compute.amazonaws.com

dev.vadoo.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-11.fra50.r.cloudfront.net

image.vadoo.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-72.fra50.r.cloudfront.net

vadooimages.vadoo.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	grooveapps.com assets.grooveapps.com	4 MB
14	vadoo.tv api.vadoo.tv static.vadoo.tv dev.vadoo.tv image.vadoo.tv vadooimages.vadoo.tv	8 MB
11	b-cdn.net kingsumo.b-cdn.net kingsumowebapp.b-cdn.net	1018 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	151 KB
8	jsdelivr.net cdn.jsdelivr.net	32 KB
6	unpkg.com 2 redirects unpkg.com www.unpkg.com	8 KB
6	paldesk.io paldesk.io widget.paldesk.io	436 KB
6	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	114 KB
6	googleapis.com fonts.googleapis.com translate.googleapis.com	370 KB
5	facebook.com www.facebook.com	12 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com	64 KB
4	cloudflare.com cdnjs.cloudflare.com	276 KB
4	facebook.net connect.facebook.net	246 KB
4	groove.cm app.groove.cm	78 KB
3	google-analytics.com www.google-analytics.com	39 KB
2	fbcdn.net static.xx.fbcdn.net	137 KB
2	sentry-cdn.com js.sentry-cdn.com	2 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
2	kingsumo.com kingsumo.com	19 KB
2	groovetech.io matomo.groovetech.io	32 KB
1	herokuapp.com paldesk-stats.herokuapp.com	396 B
1	google.com translate.google.com	4 KB
1	money.faith money.faith	67 KB
146	23

	Domain	Requested by
37	assets.grooveapps.com	money.faith
9	kingsumo.b-cdn.net	kingsumo.com kingsumo.b-cdn.net
8	cdn.jsdelivr.net	api.vadoo.tv
8	fonts.gstatic.com	fonts.googleapis.com
6	static.vadoo.tv	api.vadoo.tv
5	widget.paldesk.io	paldesk.io money.faith
5	www.facebook.com	kingsumo.com connect.facebook.net
5	ka-f.fontawesome.com	kit.fontawesome.com money.faith
4	maxcdn.bootstrapcdn.com	api.vadoo.tv
4	unpkg.com	2 redirects api.vadoo.tv
4	cdnjs.cloudflare.com	api.vadoo.tv
4	connect.facebook.net	kingsumo.com connect.facebook.net
4	app.groove.cm	money.faith
3	translate.googleapis.com	translate.google.com translate.googleapis.com
3	www.gstatic.com	money.faith translate.googleapis.com
3	www.google-analytics.com	money.faith www.google-analytics.com www.googletagmanager.com
3	fonts.googleapis.com	money.faith app.groove.cm kingsumo.b-cdn.net
2	static.xx.fbcdn.net	www.facebook.com
2	vadooimages.vadoo.tv	api.vadoo.tv
2	image.vadoo.tv	api.vadoo.tv
2	dev.vadoo.tv	api.vadoo.tv
2	www.unpkg.com	api.vadoo.tv
2	js.sentry-cdn.com	api.vadoo.tv
2	kingsumowebapp.b-cdn.net	kingsumo.com
2	www.googletagmanager.com	kingsumo.com www.googletagmanager.com
2	api.vadoo.tv	money.faith
2	kingsumo.com	money.faith kingsumo.com
2	matomo.groovetech.io	money.faith
1	paldesk-stats.herokuapp.com	paldesk.io
1	paldesk.io	money.faith
1	translate.google.com	money.faith
1	kit.fontawesome.com	money.faith
1	money.faith
146	33

This site contains links to these domains. Also see Links.

Domain
www.money.faith
handcraftedorder.com
www.redbubble.com
translate.google.com
payhip.com
tinyurl.com
groovepages.groovesell.com
get.adobe.com
www.amazon.com
ahayah.com
paypal.me
tidycal.com
ahayah.net
www.paldesk.com

Subject Issuer	Validity	Valid
*.money.faith R3	`2021-09-23` - `2021-12-22`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.groovetech.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-18` - `2022-08-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
kingsumo.com R3	`2021-09-07` - `2021-12-06`	3 months	crt.sh
api.vadoo.tv R3	`2021-09-24` - `2021-12-23`	3 months	crt.sh
paldesk.io R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
*.b-cdn.net Sectigo ECC Domain Validation Secure Server CA	`2020-11-11` - `2021-11-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.paldesk.io Sectigo RSA Domain Validation Secure Server CA	`2019-12-10` - `2021-12-09`	2 years	crt.sh
*.herokuapp.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.vadoo.tv Amazon	`2020-10-27` - `2021-11-25`	a year	crt.sh
dev.vadoo.tv R3	`2021-08-07` - `2021-11-05`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://money.faith/
Frame ID: CDA6BA2441685D56B09F4186EA4A4CC2
Requests: 69 HTTP requests in this frame

Frame: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed
Frame ID: 142C6084C713BBEA743F0865B6306758
Requests: 27 HTTP requests in this frame

Frame: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y
Frame ID: 7D8578E8182291E107CAB52B94FE5126
Requests: 23 HTTP requests in this frame

Frame: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ
Frame ID: 2938CF75A3AC9D603D59833004B9AB9B
Requests: 23 HTTP requests in this frame

Frame: data://truncated
Frame ID: 44145359E0E07C7CCFF36471F4F48458
Requests: 1 HTTP requests in this frame

Frame: https://widget.paldesk.io/p/static/js/main.bc291327.js.gz?888
Frame ID: 13F6A52B979301401FEF1F3EF78F7AE2
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/login_button.php?app_id=410195246098431&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdc190faf1384c%26domain%3Dkingsumo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkingsumo.com%252Ff3049cb8c79e3e4%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey&size=large&use_continue_as=true
Frame ID: 163790CC8303D772A2AAA5797A82282A
Requests: 4 HTTP requests in this frame

Frame: https://widget.paldesk.io/p/static/media/icomoon.cdbdb88e.ttf
Frame ID: 617D353E2E30702EEB9C5BAFB4974EB5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Money and God?

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/fingerprintjs@(\d)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

146
Requests

96 %
HTTPS

0 %
IPv6

23
Domains

33
Subdomains

33
IPs

6
Countries

15350 kB
Transfer

22393 kB
Size

9
Cookies

48 Outgoing links

These are links going to different origins than the main page.

URL: https://www.money.faith/
Title: Money & God

Search URL Search Domain Scan URL

URL: https://www.money.faith/mark
Title: How to avoid the Mark of the Beast

Search URL Search Domain Scan URL

URL: https://www.money.faith/elohim-is-demon-satan
Title: Elohim is Demon Satan

Search URL Search Domain Scan URL

URL: https://www.money.faith/lord-is-baal-satan
Title: Lord is Baal Satan

Search URL Search Domain Scan URL

URL: https://www.money.faith/baali-is-satan
Title: Baali is Satan

Search URL Search Domain Scan URL

URL: https://www.money.faith/jesus
Title: Jesus is 666

Search URL Search Domain Scan URL

URL: https://www.money.faith/legal
Title: Legal

Search URL Search Domain Scan URL

URL: https://handcraftedorder.com/products/yasha-creators-promise?variant=40605744693455

Search URL Search Domain Scan URL

URL: https://www.redbubble.com/shop/ap/87975026?ref=studio-promote

Search URL Search Domain Scan URL

URL: https://handcraftedorder.com/products/yasha-ahayah-cross?variant=40595430736079

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

URL: https://payhip.com/YashaAhayahBibleScriptures
Title: Buy PDF of Truth for $5

Search URL Search Domain Scan URL

URL: https://tinyurl.com/tcbpshk
Title: Buy PDF

Search URL Search Domain Scan URL

URL: https://tinyurl.com/rp9q45e
Title: 6 point font Softcover

Search URL Search Domain Scan URL

URL: https://tinyurl.com/tsfaj45
Title: 8 point font Hardcover

Search URL Search Domain Scan URL

URL: https://groovepages.groovesell.com/a/bjipAipmOJEp
Title: Buy Now!

Search URL Search Domain Scan URL

URL: https://get.adobe.com/reader/
Title: Adobe Acrobat Reader (Free)

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Yasha-Ahayah-Bible-Scriptures-Study/dp/1771433264/ref=cm_cr_arp_d_product_top?ie=UTF8
Title: Hardcover YABS

Search URL Search Domain Scan URL

URL: https://ahayah.com/BuyNow/BuyNow.php?product/page/4992/Yasha+Ahayah+Bible+Scriptures+Aleph+Tav+%28Yasat%29+2nd+Edition
Title: Yasat Softcover & Hardcover

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Yasha-Ahayah-Bible-Scriptures-Aleph/dp/1771434643/ref=sr_1_1?crid=XSNU9YZ9T3R3&dchild=1&keywords=yasat+bible&qid=1626135186&sprefix=YASAT%2Caps%2C1988&sr=8-1
Title: BUY NOW!

Search URL Search Domain Scan URL

URL: https://payhip.com/b/3p9Tv
Title: BUY $5 PDF NOW!

Search URL Search Domain Scan URL

URL: https://www.amazon.com/s?k=Yasha+Ahayah+Biblia+Escrituras+Aleph+Tav&i=stripbooks-intl-ship&ref=nb_sb_noss
Title: BUY NOW!

Search URL Search Domain Scan URL

URL: https://payhip.com/b/XxTNb
Title: BUY $5 PDF NOW!

Search URL Search Domain Scan URL

URL: https://www.amazon.com/s?k=Yasha+Ahayah+Bibliya+Banal+Na+Kasulatan+Aleph+Tav&i=stripbooks-intl-ship&ref=nb_sb_noss
Title: BUY NOW!

Search URL Search Domain Scan URL

URL: https://payhip.com/b/BNLSX
Title: BUY $5 PDF NOW!

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Yasha-Ahayah-Biobla-Scrioptuir-Aleph/dp/1771434805/ref=sr_1_9?crid=XSNU9YZ9T3R3&dchild=1&keywords=yasat+bible&qid=1626193080&sprefix=YASAT%2Caps%2C1988&sr=8-9
Title: BUY NOW!

Search URL Search Domain Scan URL

URL: https://payhip.com/b/QfVlT
Title: BUY $5 PDF NOW!

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Yasha-Ahayah-Bibel-Skriften-Norwegian/dp/1771434775/ref=sr_1_11?crid=XSNU9YZ9T3R3&dchild=1&keywords=yasat+bible&qid=1626193080&sprefix=YASAT%2Caps%2C1988&sr=8-11
Title: BUY NOW!

Search URL Search Domain Scan URL

URL: https://payhip.com/b/WDVhX
Title: BUY $5 PDF NOW!

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Yasha-Ahayah-Bibbia-Scritture-Italian/dp/1771434740/ref=sr_1_7?crid=XSNU9YZ9T3R3&dchild=1&keywords=yasat+bible&qid=1626193080&sprefix=YASAT%2Caps%2C1988&sr=8-7
Title: BUY NOW!

Search URL Search Domain Scan URL

URL: https://payhip.com/b/kzQ0r
Title: BUY $5 PDF NOW!

Search URL Search Domain Scan URL

URL: https://payhip.com/b/Y0nyW
Title: BUY $5 PDF NOW!

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Yasha-Ahayah-Biblia-Escrituras-Portuguese/dp/1771434465/ref=sr_1_9?dchild=1&keywords=yasha+ahayah&qid=1605977386&s=books&sr=1-9
Title: BUY NOW!

Search URL Search Domain Scan URL

URL: https://payhip.com/b/mAyg8
Title: BUY $5 PDF NOW!

Search URL Search Domain Scan URL

URL: https://www.amazon.com/s?k=Yasha+Ahayah+Bible+Ecritures+Aleph+Tav+%28French+Edition+YASAT+Study+Bible%29&i=stripbooks-intl-ship&ref=nb_sb_noss
Title: BUY NOW!

Search URL Search Domain Scan URL

URL: https://payhip.com/b/s4HCn
Title: BUY $5 PDF NOW!

Search URL Search Domain Scan URL

URL: https://www.amazon.com/s?k=Yasha+Ahayah+Bibel+Schriften+Aleph+Tav&i=stripbooks-intl-ship&ref=nb_sb_noss
Title: BUY NOW!

Search URL Search Domain Scan URL

URL: https://payhip.com/b/awG3T
Title: BUY $5 PDF NOW!

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Yasha-Ahayah-Kutsal-Yazilar-Turkish/dp/1771434554/ref=sr_1_7?dchild=1&keywords=yasha+ahayah&qid=1605977386&s=books&sr=1-7
Title: BUY NOW!

Search URL Search Domain Scan URL

URL: https://payhip.com/b/jw6GU
Title: BUY $5 PDF NOW!

Search URL Search Domain Scan URL

URL: https://www.amazon.com/s?k=YASAT+Afrikaans&i=stripbooks-intl-ship&ref=nb_sb_noss
Title: BUY NOW!

Search URL Search Domain Scan URL

URL: https://payhip.com/b/OuQIv
Title: BUY $1 PDF NOW!

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Ahayah-%D0%91%D0%B8%D0%B1%D0%BB%D0%B8%D1%8F-%D0%9F%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5-Russian-YASAT/dp/177143449X/ref=sr_1_1?dchild=1&keywords=YASAT+Russian&qid=1605978562&s=books&sr=1-1
Title: BUY NOW!

Search URL Search Domain Scan URL

URL: https://payhip.com/b/vZY84
Title: BUY $5 PDF NOW!

Search URL Search Domain Scan URL

URL: https://paypal.me/TimothySorsdahl
Title: Donate any amount!!

Search URL Search Domain Scan URL

URL: https://tidycal.com/timsorsdahl/60-minute-meeting-in-search-for-the-truth-proverbs-23-23
Title: Book a Meeting

Search URL Search Domain Scan URL

URL: https://ahayah.net/assembly/

Search URL Search Domain Scan URL

URL: https://www.paldesk.com/
Title: Paldesk

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://unpkg.com/videojs-contrib-quality-levels/dist/videojs-contrib-quality-levels.min.js HTTP 302
https://unpkg.com/videojs-contrib-quality-levels@2.1.0/dist/videojs-contrib-quality-levels.min.js

Request Chain 113

https://unpkg.com/videojs-contrib-quality-levels/dist/videojs-contrib-quality-levels.min.js HTTP 302
https://unpkg.com/videojs-contrib-quality-levels@2.1.0/dist/videojs-contrib-quality-levels.min.js

146 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
money.faith/ 1020 KB
67 KB 331ms
262ms Document
text/html 172.67.210.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.210.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8922cc1edcd97cab510018cc5e92ec9c549f29e3fe341be4791f2bc011a0ac1

Request headers

:method: GET
:authority: money.faith
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
content-type: text/html
last-modified: Thu, 23 Sep 2021 23:14:01 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZJNXKW3Cj1IolTFeViVFtnCkbA%2BXjFq8NGDSBJIyxgsJ%2F0o970849BG8FHzJLK8rMOoZsKzbXndJI77xaaWKlSTGyseuAaOycqb3fMnrJfmD3vTeEn%2BM7t7EQ4xeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 693bdb90adf64114-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 711 KB
137 KB 64ms
42ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: money.faith
URL: https://money.faith/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

737f58a54373c1aa49d507b05f690cddc0a8f4794047a345b4a653aa1b945dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 12:01:22 GMT
server: ESF
date: Fri, 24 Sep 2021 12:01:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Sep 2021 12:01:22 GMT

GET
H2 200 inpage_published.css
app.groove.cm/groovepages/css/ 362 KB
52 KB 81ms
29ms Stylesheet
text/css 172.67.139.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/css/inpage_published.css
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5949002a116a1582e56d4b4ddc5a6263f24087df3945c9ad2dbc5f6c54578ae4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Sep 2021 09:45:48 GMT
server: cloudflare
age: 6953
etag: W/"614d9e4c-5a968"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiIBo3l90qGQYv09Zg%2B%2FvGlf%2FZr8X9M06DWwtfOzLOiepQYpn7Ow%2FzEtS9%2BDHAgycc9aApshKeCk5oE2wjNtcV7YLD7HqDyYyY4%2BpAZOLnH%2Bb9%2FF22aNHWeDCV%2FMm3pb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 693bdb929faa3248-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 chunk-vendors.css
app.groove.cm/groovepages/css/ 0
0 74ms
21ms Stylesheet
text/html 172.67.139.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/css/chunk-vendors.css
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 e7647a48d4.js Show response
kit.fontawesome.com/ 11 KB
4 KB 49ms
29ms Script
text/javascript 104.18.23.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/e7647a48d4.js

Requested by

Host: money.faith
URL: https://money.faith/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb8a74896b23a167b5669b0ecb26100b9295145fdd5a71e08df836638af23061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://money.faith/
Origin: https://money.faith
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 693bdb926d154e4f-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FqfAWehAgp9XDksNd7lh

GET
H2 200 css2
fonts.googleapis.com/ 692 KB
136 KB 45ms
44ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,700;0,900;1,400&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovepages/css/inpage_published.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

0abffe0768d60d00efc54d38297110f302455579dfd0d7ea5a531ff0f5ccac59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 12:01:22 GMT
server: ESF
date: Fri, 24 Sep 2021 12:01:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Sep 2021 12:01:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 28ms
6ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: money.faith
URL: https://money.faith/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4162
date: Fri, 24 Sep 2021 10:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 24 Sep 2021 12:52:00 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 57ms
26ms Fetch
text/css 104.21.81.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5uaRSbENaeRFeKZwQMoktzmZRI%2Fjc1wBJ7u2dgVhXYB1h3li33UmrzUEGWNjjnur41a%2BRB6yfY%2BQOdlkXZ72mQYRbsRGyJoNWvV0bLA019rZnay%2B4xPb9r%2BLTYP6%2FW%2FQJsYtJZ83w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 693bdb93a93e4120-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Eqgxt5Nq2SRcebcmPknjLbwEZRIzIlLYEVD9GJQavxwXW8ld2EolOA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 55ms
24ms Fetch
text/css 104.21.81.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyrPgliLfaxyyxj%2Fin6VZSmC%2FZACgQJyEHV0X5uyk7GtCQMrHiUKHZLJq5SKpLRMHrhZVDLrqUmyEEF9OfjeqzD3Fya2advCO8oV3VU9BkI5pi%2BssnISoAp0yNsgutkGx4%2FEDvn0Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 693bdb93a93f4120-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: UO-FUJYRqrssRc9I6NY2aPeCk-BMTvVZBQLFgIzea2nBdTV8fTf7_g==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 54ms
24ms Fetch
text/css 104.21.81.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
via: 1.1 b9288402a0a891e0bbaca832ecabae61.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZZ8xPKKTbLm0TSquezVDr1O7lxugwghDaNr84qGhIzDGhJaOvyTiV5pvVJqm5RNkikGaQw2TtnDmrVutEqqUCxxjY0iE1dzSlR9Eh33MMXV510tjUmJ5rxzv%2B%2F99cwfNuKxIttXZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 693bdb93a9404120-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: HLaVaclHxs3Bpse3y7iwEciBgtbjzi4bB3HdKAFPEmKRlc6JwgYoPg==

GET
H/1.1 200
OK matomo.js Show response
matomo.groovetech.io/ 100 KB
32 KB 710ms
180ms Script
application/javascript 51.161.92.183
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.js
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.161.92.183 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ip183.ip-51-161-92.net
Software: nginx/1.19.2 /
Resource Hash: 68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
content-encoding: gzip
last-modified: Tue, 21 Jul 2020 21:11:02 GMT
server: nginx/1.19.2
etag: "19167-5aafa0f820d0f-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 32444

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
16ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=935074094&t=pageview&_s=1&dl=https%3A%2F%2Fmoney.faith%2F&ul=en-us&de=UTF-8&dt=Money%20and%20God%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=983966184&gjid=1668480988&cid=1470009986.1632484883&tid=UA-16415083-2&_gid=1998601514.1632484883&_r=1&_slc=1&z=141095915

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://money.faith/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 12:01:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://money.faith
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1577333329_paperbackbookstanding_848x1126%20(1).png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 74 KB
74 KB 53ms
18ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1577333329_paperbackbookstanding_848x1126%20(1).png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9804e687f473346e2d0805878295278bc3c158ce2e31c48b623dadc882d8424

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 1489
cf-polished: origFmt=png, origSize=123204
x-guploader-uploadid: ADPycdvW6TG1Fqkd4pYjPhUjOg7UQoW98H_R6eu28fkf2KeqTyi3HDcp68qFHInDkAY1ogl930TvmzKvZLgbI3K4cF6PAloqLA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1577333329_paperbackbookstanding_848x1126%20(1).webp"
content-length: 75490
cf-ray: 693bdb95bfac05ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Thu, 26 Dec 2019 04:14:15 GMT
server: cloudflare
etag: "f12c73ac00cbb85e0c964bd055e63a20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=XwinyQ==, md5=8SxzrADLuF4MlkvQVeY6IA==
x-goog-generation: 1577333655585450
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 123204
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 navmenu-lib.web.js Show response
assets.grooveapps.com/plugins/ 63 KB
19 KB 192ms
157ms Script
application/javascript 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.grooveapps.com/plugins/navmenu-lib.web.js
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a9dac45eb5d5947c5ab8f57d56dbb2c8d1c5b43dce0ce78d578a87ed21afbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdsIBYcHOz7Y7LgXPVpHjUk5DtsfmCdcrhDJnz_NEK_uXBGvw8uxu49VC1omBgfY7qJhzCJDVOLl6d_yFCwmuhc
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 15 Sep 2021 18:49:09 GMT
server: cloudflare
etag: W/"dd1d4da26edb3c96c9848c3c4e7be2c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=guoaqQ==, md5=3R1Nom7bPJbJhIw8Tnvixg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1631731749586240
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 64255
cf-ray: 693bdb95bfab05ed-FRA
expires: Sat, 24 Sep 2022 12:01:22 GMT

GET
H2 200 countdown-lib.web.js Show response
assets.grooveapps.com/plugins/ 8 KB
4 KB 143ms
143ms Script
application/javascript 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.grooveapps.com/plugins/countdown-lib.web.js
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f72db5baeaf6cc741aa905bbeb3be259f063361347236c3c70cc0e4276c5e10d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdspNGH3lz6E1KVqxxkuzFW3_v8y-lDkKt6f4BzoJCqvZMp8H2_KuXONmq-E2qujVz6txG2hSfX-aaY_xNwifds
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 15 Sep 2021 18:49:08 GMT
server: cloudflare
etag: W/"be5b021dc148eb6dae60c3cd5a3e19d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=cK2Uuw==, md5=vlsCHcFI622uYMPNWj4Z2A==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1631731748293642
access-control-expose-headers: Content-Type
cache-control: public, max-age=31535999
x-goog-stored-content-length: 8440
cf-ray: 693bdb96080805ed-FRA
expires: Sat, 24 Sep 2022 12:01:22 GMT

GET
H2 200 1631220491_crossAhayah.jpeg
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 44 KB
44 KB 37ms
37ms Image
image/jpeg 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1631220491_crossAhayah.jpeg
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc8201c76a7d9ddb07434377fc4b265eb9d79268059a99ea8b868c9b78c35f2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 178
cf-polished: origSize=45663, status=webp_bigger
x-guploader-uploadid: ADPycdsumWgDt9XuxlAME8k6shbExdt9JJmNjYasSeuiJ4tu5eeZh4nA1r9SMV0ktvH3qcyES7h-B2z3nYjQ8hMvWFk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 44895
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Thu, 09 Sep 2021 20:48:11 GMT
server: cloudflare
etag: "432dd5af5bca11f8dab1f1fa9abae2eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=CaCRXw==, md5=Qy3Vr1vKEfjasfH6mrri6w==
x-goog-generation: 1631220491506673
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 45663
accept-ranges: bytes
cf-ray: 693bdb96080b05ed-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1631225614_Ahayah%20Store.jpg
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 36 KB
36 KB 20ms
20ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1631225614_Ahayah%20Store.jpg
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2967ac469b76333acfbd4cedf26804bcd98f3fab8488eede39accdbdfc45f06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 2130
cf-polished: qual=85, origFmt=jpeg, origSize=81200
x-guploader-uploadid: ADPycdsAYZ5aCuxFWC3qQxbq3u2s_2EHQXtR4S0j5f0WPmGAl7V5s9gRlMzQM9a7LQkBh1IqJEmnz6KVS0ZsdWlCFS0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1631225614_Ahayah%20Store.webp"
content-length: 36410
cf-ray: 693bdb96080d05ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Thu, 09 Sep 2021 22:13:34 GMT
server: cloudflare
etag: "890509d86ef2fd29d9a017666aabb76b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=pkfVTA==, md5=iQUJ2G7y/SnZoBdmaqu3aw==
x-goog-generation: 1631225614679065
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 81200
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1631243060_download.jpeg
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 88 KB
88 KB 21ms
21ms Image
image/jpeg 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1631243060_download.jpeg
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e50096d5b945319f648f91d352d2ee29d39d9d9af2ceb3706085f636cfd918d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 178
cf-polished: origSize=91564, status=webp_bigger
x-guploader-uploadid: ADPycdspmFdfnjsD75zs6eT66QN2jbQki-znZjtElK3ceDk8mrEUkCerSzQDZERxfBEOEdHGRlHqX6grCZbHfLZmirWW50f1vQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 89649
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Fri, 10 Sep 2021 03:04:20 GMT
server: cloudflare
etag: "282281f517130a7c0d1137068d945655"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=zbbGOw==, md5=KCKB9RcTCnwNETcGjZRWVQ==
x-goog-generation: 1631243060541066
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 91564
accept-ranges: bytes
cf-ray: 693bdb96081005ed-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 45ms
20ms Image
image/png 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: money.faith
URL: https://money.faith/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 10:23:15 GMT
x-content-type-options: nosniff
age: 5887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 24 Sep 2022 10:23:15 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 10 KB
4 KB 104ms
15ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: money.faith
URL: https://money.faith/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

HTTP server (unknown) /

Resource Hash

37ced0c5c3d579b06f715823a949e25f6ae6ec0a73beb4f83dcc6d6b69f9be61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 12:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: de
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3877
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embed.js Show response
kingsumo.com/js/ 34 KB
12 KB 678ms
330ms Script
application/javascript 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kingsumo.com/js/embed.js
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: a8d7fb0ecaa755024d3d26dcccfc88a4617abe9c2c080994668ccacc582a472b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Friday, 24-Sep-2021 12:01:23 GMT
server: nginx/1.18.0
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 1577324268_Ahayah2.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 28 KB
29 KB 40ms
40ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1577324268_Ahayah2.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca59a6bd087a918e0737305bcde9864d60163de29147402583f71e8b9ae5328

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 2659
cf-polished: origFmt=png, origSize=40690
x-guploader-uploadid: ADPycdtwLlXG4aOGenOrOSBZUQ0inynBK26RoQ-i-kXEYCTknQWVtnR_e_g8RYx75nVyiIVSgG9L_qVGhXdKrXMN6aPE-jL6-w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1577324268_Ahayah2.webp"
content-length: 28916
cf-ray: 693bdb96081605ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Thu, 26 Dec 2019 01:38:03 GMT
server: cloudflare
etag: "61fac8d7275568d92900dd57203e2df5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=XiRDOA==, md5=YfrI1ydVaNkpAN1XID4t9Q==
x-goog-generation: 1577324283303232
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 40690
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1580084886_HandDrawnArrow13.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/ 2 KB
3 KB 36ms
35ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1580084886_HandDrawnArrow13.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a11a70e78cf03019d54774a9181296fb1ea1777d78144ec060b37aeeed050901

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 1487
cf-polished: origFmt=png, origSize=5401
x-guploader-uploadid: ADPycdvE1KxHn3utPuLhqz80UK8Z32OGMj5nIVXK2AXQyAa8GgLUU2J4fagQExmHPl-mL3Z3FDLa_74CxueWIlAcXxNGWLGkeA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1580084886_HandDrawnArrow13.webp"
content-length: 2308
cf-ray: 693bdb96081705ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Mon, 27 Jan 2020 00:28:06 GMT
server: cloudflare
etag: "20d331edbfea31e8cebe6d230468a633"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=NWDl3A==, md5=INMx7b/qMejOvm0jBGimMw==
x-goog-generation: 1580084886833444
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 5401
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1580084939_HandDrawnArrow13.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/ 2 KB
3 KB 138ms
138ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1580084939_HandDrawnArrow13.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70957642d8e07587cbbb514b1718db9cbccafdb211e6c272e9c8df5b5cb4da8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=5624
x-guploader-uploadid: ADPycdsaAnZ55n8mR0hDE2MNZO3zdcBCDorJNxgD8BTp-pps44ciaba96_BJ71vv_7Rt0a_9rXESksm7GuXhO20N-ME
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1580084939_HandDrawnArrow13.webp"
content-type: image/webp
content-length: 2294
expires: Fri, 24 Sep 2021 16:01:23 GMT
last-modified: Mon, 27 Jan 2020 00:28:59 GMT
server: cloudflare
etag: "d9a93d5082b1c6582910555e7caa34fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=TNjEKA==, md5=2ak9UIKxxlgpEFVefKo0/Q==
x-goog-generation: 1580084939508584
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 5624
accept-ranges: bytes
cf-ray: 693bdb96081a05ed-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1588974223_Depositphotos_2020936_l-2015.jpg
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 466 KB
467 KB 405ms
404ms Image
image/jpeg 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1588974223_Depositphotos_2020936_l-2015.jpg
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d29119a7333f0747faca59fdd1ba8480b18b42a1c11afb112f2aadef7023f81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvEhZicsiOAvElGaVLZjoIfKQEYJkpn_QD-KWI8I-Z7JKyDb03Dsa0B2VORzzd9z6IhA6rvZ8noYWBIDsJKmwc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 477038
last-modified: Fri, 08 May 2020 21:43:43 GMT
server: cloudflare
etag: "400d999edff1782d7c195cfb0b469075"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=pOwcTg==, md5=QA2Znt/xeC18GVz7C0aQdQ==
x-goog-generation: 1588974223535612
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 477038
accept-ranges: bytes
cf-ray: 693bdb96081d05ed-FRA
expires: Fri, 24 Sep 2021 16:01:23 GMT

GET
H2 200 1588974392_Depositphotos_39322783_l-2015.jpg
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 686 KB
687 KB 441ms
440ms Image
image/jpeg 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1588974392_Depositphotos_39322783_l-2015.jpg
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38d59f77c0674f47ebcf18f33ae90eeb2ffb6c734319f3f77165a63bcb7d71b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvaA2kmV2uD2FXMicC7RQqdzSgxlLavKrIllV4YBw8gGrdXu3-R-Hda7MdkMJhoPQFnJKAP6rYgpte4SRHc6Yc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 702148
last-modified: Fri, 08 May 2020 21:46:32 GMT
server: cloudflare
etag: "46e78bc63f7934e6677c76ec000279d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=rk1Rbg==, md5=RueLxj95NOZnfHbsAAJ52A==
x-goog-generation: 1588974392905247
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 702148
accept-ranges: bytes
cf-ray: 693bdb96081f05ed-FRA
expires: Fri, 24 Sep 2021 16:01:23 GMT

GET
H2 200 1583191598_logo-transparent.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 58 KB
58 KB 38ms
36ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1583191598_logo-transparent.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c87902daa8ba3f455122e60a20ca71f5e62bd030a458482122c3259823a69fec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 848
cf-polished: origFmt=png, origSize=294160
x-guploader-uploadid: ADPycdu-E-jR5pNnCIi0fHS0ZB_O9ngxRdCwLEqv_OM5lR03a7pcft53fUb-V7a6yYiTRxCqr-IiRiv4Y3odeX5bNROrKtBv5Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1583191598_logo-transparent.webp"
content-length: 59354
cf-ray: 693bdb96082105ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Mon, 02 Mar 2020 23:26:38 GMT
server: cloudflare
etag: "36deeaa29b674d74f4b1b3fd6a09c1ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=SOMEGg==, md5=Nt7qoptnTXT0sbP9agnBrQ==
x-goog-generation: 1583191598829271
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 294160
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1583191696_logo.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 144 KB
144 KB 47ms
46ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1583191696_logo.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d3e52b6070cc501b569db924ab163bbfb79adcfd31574fd3c46b3dd44c25adb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 848
cf-polished: origFmt=png, origSize=557877
x-guploader-uploadid: ADPycdvEtM2l_1_OwFhKeWg8gYiqt6kE3tenrkpDEaQd--nX8yaBl7n47WPFI8f3_ReVAQJ0R5taytFXaCUKEyhB7i0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1583191696_logo.webp"
content-length: 147474
cf-ray: 693bdb96082505ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Mon, 02 Mar 2020 23:28:16 GMT
server: cloudflare
etag: "b047664d09aa13dfa221cbb469abe1fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=WpFvrw==, md5=sEdmTQmqE9+iIcu0aavh+w==
x-goog-generation: 1583191696747196
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 557877
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1580787238_Depositphotos_19293121_s-2019.jpg
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 48 KB
49 KB 34ms
33ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1580787238_Depositphotos_19293121_s-2019.jpg
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93c59c00378a6bd85636cfef61601a7010ebfb34cf8a88e7216242060cc384bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 1930
cf-polished: qual=85, origFmt=jpeg, origSize=93779
x-guploader-uploadid: ADPycdsgLUJTdEGg6KHfq84VGz0Gf6KJp0aVao5OayQbQMFiAPs17cBRrzo_zMou4zjO6TX1Tf4fLGEixtLuyhNrbn5SQu1K_Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1580787238_Depositphotos_19293121_s-2019.webp"
content-length: 49514
cf-ray: 693bdb96082605ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Tue, 04 Feb 2020 03:33:58 GMT
server: cloudflare
etag: "38cfe533dbad20a2beb16102c19129b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=ePeDwg==, md5=OM/lM9utIKK+sWECwZEpsQ==
x-goog-generation: 1580787238715393
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 93779
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1580788110_15394252_men-lift-world-globe-in-bulb-stock-vector%20(1).jpg
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 66 KB
66 KB 32ms
30ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1580788110_15394252_men-lift-world-globe-in-bulb-stock-vector%20(1).jpg
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e15faf9a737253797fef5fc1fc265a36868625fb1935c4f9fba527e37eecb2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 1929
cf-polished: qual=85, origFmt=jpeg, origSize=164981
x-guploader-uploadid: ADPycdsL3u6uHjHAEVa93HxOcTYwnci4U6TPjoR12JrJNxSECTCb4A7zEIV4UzNFMlzHMsaJk2t3JprMoW_BEwCAdK0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1580788110_15394252_men-lift-world-globe-in-bulb-stock-vector%20(1).webp"
content-length: 67338
cf-ray: 693bdb96082805ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Tue, 04 Feb 2020 03:48:30 GMT
server: cloudflare
etag: "0d00bd929cace4e05e8feb6aa5f28b75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=YECiiA==, md5=DQC9kpys5OBej+tqpfKLdQ==
x-goog-generation: 1580788110610990
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 164981
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1577333736_paperbackbookstanding_848x1126%20(1).png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 476 KB
477 KB 64ms
62ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1577333736_paperbackbookstanding_848x1126%20(1).png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98bd92c3f6c9f0a518424c9e33f4b6a74629cba08cd178af6ae61563bf0abad8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 848
cf-polished: origFmt=png, origSize=820376
x-guploader-uploadid: ADPycdvNVt_Ajt1XwejR-i3gNzijPFXiFCV-E0TUIm6XJEDo-rffc44V9H4gQtx4Ve8SVbMGoNXvCW-6pZsZHbf3OzE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1577333736_paperbackbookstanding_848x1126%20(1).webp"
content-length: 487400
cf-ray: 693bdb96082905ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Thu, 26 Dec 2019 04:15:36 GMT
server: cloudflare
etag: "9b15258ce1538f3d7162ba227549834d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=jD0pxg==, md5=mxUljOFTjz1xYroidUmDTQ==
x-goog-generation: 1577333736775874
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 820376
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1580849534_Depositphotos_7614957_s-2019.jpg
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 51 KB
51 KB 62ms
60ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1580849534_Depositphotos_7614957_s-2019.jpg
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6598809d51d1059d62600969f5e91ff682b7e01d574dbcd7f7cef940076fcd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 3103
cf-polished: qual=85, origFmt=jpeg, origSize=102895
x-guploader-uploadid: ADPycduVfdRPX9u4F1PiPTL09hzwNgDkPy8XfJnPtrCDnFBXohNm_A2he4qaG6bBOS3M3tIvQe01VYr-VzdYBeq2IifN3tT3Jg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1580849534_Depositphotos_7614957_s-2019.webp"
content-length: 52246
cf-ray: 693bdb96082f05ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Tue, 04 Feb 2020 20:52:15 GMT
server: cloudflare
etag: "bc48aeeff89f8deb39626880b747a805"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=kR44pg==, md5=vEiu7/ifjes5YmiAt0eoBQ==
x-goog-generation: 1580849535023295
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 102895
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1580849616_Depositphotos_58115945_s-2019.jpg
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 52 KB
53 KB 68ms
67ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1580849616_Depositphotos_58115945_s-2019.jpg
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 312d73283bc5da1ed1f5c3f77feea6364a09b04e18750c58de00e3c891a31f23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 2025
cf-polished: qual=85, origFmt=jpeg, origSize=118938
x-guploader-uploadid: ADPycdvi9WTA58246PFN2aYM4OVerE-9Fc7RVtFmHK1L8RG4KVzTFhq9cqpZCE2aguiIpJvOwSQFC73KgLUaqBCtVos
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1580849616_Depositphotos_58115945_s-2019.webp"
content-length: 53470
cf-ray: 693bdb96083205ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Tue, 04 Feb 2020 20:53:36 GMT
server: cloudflare
etag: "a6e64463960d1f7fb9bef87752352e75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=/y4p1g==, md5=puZEY5YNH3+5vvh3UjUudQ==
x-goog-generation: 1580849616330650
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 118938
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1580849428_Depositphotos_123167224_s-2019.jpg
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 33 KB
33 KB 47ms
45ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1580849428_Depositphotos_123167224_s-2019.jpg
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d832057e736a2ea95dc18df1e96862cbf133904fe6591391cbbe29e4eb199405

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 2129
cf-polished: qual=85, origFmt=jpeg, origSize=84744
x-guploader-uploadid: ADPycdvMBOaIr21-7N_4E9tPwbtqvrMqqcbqFe-K5R7dE4BbKFZcLoB4TinGJATL80Zn9K1DROb4JiQZOoONxiVTVLE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1580849428_Depositphotos_123167224_s-2019.webp"
content-length: 33684
cf-ray: 693bdb96083305ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Tue, 04 Feb 2020 20:50:28 GMT
server: cloudflare
etag: "25a018c4d5e5c60f784e28c9102f5ff0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=6g43AA==, md5=JaAYxNXlxg94TijJEC9f8A==
x-goog-generation: 1580849428860102
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 84744
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1585587299_30dayMoneyBack.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 99 KB
100 KB 36ms
35ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1585587299_30dayMoneyBack.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb386d5a4bc65df4acf335a8a66e97275690a618925a5305e87d185f3f6a939

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 684
cf-polished: origFmt=png, origSize=163828
x-guploader-uploadid: ADPycduskPtKvO6ynhqPe_rVT2PCak5dfcYDl1Smx7ocH84D7I5RdqLU7DMhxWHCkb90Tt9xCkACRO5o_PZiSdTQpMU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1585587299_30dayMoneyBack.webp"
content-length: 101580
cf-ray: 693bdb96083505ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Mon, 30 Mar 2020 16:55:00 GMT
server: cloudflare
etag: "c0f4d00cf025f98e7556bcd79bca06e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=JsM6YA==, md5=wPTQDPAl+Y51VrzXm8oG6Q==
x-goog-generation: 1585587300195231
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 163828
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1626264388_Depositphotos_79747302_s-2019-removebg-preview.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 91 KB
91 KB 57ms
57ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1626264388_Depositphotos_79747302_s-2019-removebg-preview.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d24a723838a981c927acd2f6e53f538756ecc542dcad090e44a7c6814f2f3bad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 2025
cf-polished: origFmt=png, origSize=168214
x-guploader-uploadid: ADPycdtdm2EsxXqDsBbiuiNrlz_ynn1I-N7QPsgwfzIc7-3dZumPSuqBgrdyR1yhVBTb2zHjPVBV8Oy-jwEl16f_QrQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1626264388_Depositphotos_79747302_s-2019-removebg-preview.webp"
content-length: 92758
cf-ray: 693bdb96184305ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Wed, 14 Jul 2021 12:06:29 GMT
server: cloudflare
etag: "47298c112fb09cb6fd7eb4c2d3b6b4d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=SZn5fQ==, md5=RymMES+wnLb9frTC07a00A==
x-goog-generation: 1626264389268553
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 168214
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1589267638_1379054-removebg-preview.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 85 KB
85 KB 53ms
53ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1589267638_1379054-removebg-preview.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554e57d8db81e52bc9272013575e203896892e27967f2d70b2f3746052255283

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 173
cf-polished: origFmt=png, origSize=144932
x-guploader-uploadid: ADPycdvJEo4T__FuAu-rrEnfH2huUXQaAV6DfGySDa7pV5mKlKrNEKIgSVyPpI-w78UjMjdUcxXOdCJWmlD79-feeuk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1589267638_1379054-removebg-preview.webp"
content-length: 86690
cf-ray: 693bdb96184405ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Tue, 12 May 2020 07:13:58 GMT
server: cloudflare
etag: "51dfcc5a904a9df9d909950b960823d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=I696uw==, md5=Ud/MWpBKnfnZCZULlggj1A==
x-goog-generation: 1589267638342523
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 144932
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1589267726_1380051-removebg-preview.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 40 KB
41 KB 57ms
57ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1589267726_1380051-removebg-preview.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8ce1187748d3d0e4f5799f7fdd2548295c9b935d7a3278f99bbb5184176e27c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 1482
cf-polished: origFmt=png, origSize=71537
x-guploader-uploadid: ADPycds34Av2-7qIw1oQJBjEnCsFQIq_tuOgivSQXWFY6TY7n8K9zL5j6wvYsMcG8PaNVOsQeiacKgdasYLK_WrC_IU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1589267726_1380051-removebg-preview.webp"
content-length: 41166
cf-ray: 693bdb96184505ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Tue, 12 May 2020 07:15:26 GMT
server: cloudflare
etag: "c591201890dea0c7079e898ec6f7531d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=Gh/3Cg==, md5=xZEgGJDeoMcHnomOxvdTHQ==
x-goog-generation: 1589267726220269
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 71537
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1626224259_IrishFlagClear.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 62 KB
63 KB 56ms
54ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1626224259_IrishFlagClear.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561543661447db71370297d82706f3ff6658ff19adbf9fd97ec9fe9abb94635c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 1482
cf-polished: origFmt=png, origSize=132336
x-guploader-uploadid: ADPycdtygZdVIBXdBgZYdMPKR6ibZNTut9Nnum-vANvO220Qq-dYkj8Vn_K8480Qd2LQjJrccxbUH-0W6zHHAClOjv6Tmc4LSQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1626224259_IrishFlagClear.webp"
content-length: 63960
cf-ray: 693bdb96184705ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Wed, 14 Jul 2021 00:57:40 GMT
server: cloudflare
etag: "1478c901b98a3f368c245a3a5784cb32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=8pmxZg==, md5=FHjJAbmKPzaMJFo6V4TLMg==
x-goog-generation: 1626224260150560
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 132336
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1626224647_NorwayFlag-removebg-preview.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 62 KB
63 KB 53ms
52ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1626224647_NorwayFlag-removebg-preview.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29d511d7acfe365b091a2e8d59d113e51b547653da370eab49b9f7f30586e5a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 3538
cf-polished: origFmt=png, origSize=128078
x-guploader-uploadid: ADPycdvgW699UoGUcZl9seNO0lhS7mWi37XeFpxfQP7e_iUgJLT0LN4G_Trvvw6yzfHtzeA_18wtGQQDdJc7v2anQM_5fea36Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1626224647_NorwayFlag-removebg-preview.webp"
content-length: 63954
cf-ray: 693bdb96184b05ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Wed, 14 Jul 2021 01:04:07 GMT
server: cloudflare
etag: "fa157d472609dda2a0d71198ebb28bf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=LuEqYA==, md5=+hV9RyYJ3aKg1xGY67KL+A==
x-goog-generation: 1626224647346913
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 128078
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1626224893_ItalyFlag-removebg-preview.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 60 KB
60 KB 52ms
51ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1626224893_ItalyFlag-removebg-preview.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 328d898ef6213adc3017530620893ba9a9949753593c99ee857319d4a4918852

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 3538
cf-polished: origFmt=png, origSize=126083
x-guploader-uploadid: ADPycdtErG3k8oe7JYNoI_F7kmOI7mEQB_Sb3XoEtvXaozpsgR2ytMsbT37tKbAASwxWvpefO46qkUeL4dVmu3tVVeHJYzGVow
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1626224893_ItalyFlag-removebg-preview.webp"
content-length: 61434
cf-ray: 693bdb96184c05ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Wed, 14 Jul 2021 01:08:14 GMT
server: cloudflare
etag: "43512fb3f914930dfbe6bebb10a4eeee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=pUD44g==, md5=Q1Evs/kUkw375r67EKTu7g==
x-goog-generation: 1626224894175320
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 126083
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1626225226_ArabicFlag-removebg-preview.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 37 KB
37 KB 52ms
51ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1626225226_ArabicFlag-removebg-preview.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a2d7107145aecb2ee97d824f1a27662ec2c47245e91f631a6abc4378939dba3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 3538
cf-polished: origFmt=png, origSize=76395
x-guploader-uploadid: ADPycdvar1HLKQ3uWN1CQ_vJIx2ty6dZRW0C5c9CyCG8jS3r8oIHIc0iGvGDik_TsiOFCa1NunAeYBc0GCBN7TBNjiloEjKhGw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1626225226_ArabicFlag-removebg-preview.webp"
content-length: 37550
cf-ray: 693bdb96184d05ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Wed, 14 Jul 2021 01:13:46 GMT
server: cloudflare
etag: "26fb8b2921f3fccc0c43da5558a30034"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=26GuLQ==, md5=JvuLKSHz/MwMQ9pVWKMANA==
x-goog-generation: 1626225226421131
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 76395
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1589267529_1504477-removebg-preview.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 151 KB
152 KB 52ms
51ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1589267529_1504477-removebg-preview.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d219bf9a2d57902584db8194f2d8f6fbd0b939d214884fb3baa9db737d1abd91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 2656
cf-polished: origFmt=png, origSize=214768
x-guploader-uploadid: ADPycdsVaqmCEN0HVR2OaVB_HTAvk1-2ytK8ghNb6KDxEZPEysy4VH7qA3THyo8rTltColphsd5nH-Y0u99fQB9qwyaOT7La0g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1589267529_1504477-removebg-preview.webp"
content-length: 154724
cf-ray: 693bdb96185005ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Tue, 12 May 2020 07:12:10 GMT
server: cloudflare
etag: "5680a4d189e3f67ee01d38f8d58c3026"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=EYYm6Q==, md5=VoCk0Ynj9n7gHTj41YwwJg==
x-goog-generation: 1589267530152998
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 214768
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1589267911_1554702-removebg-preview.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 66 KB
67 KB 53ms
52ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1589267911_1554702-removebg-preview.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 690a84c6d3ae831523ae822e974427a4ec344ca80964fdd200dd1881b4dd70d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 91
cf-polished: origFmt=png, origSize=116685
x-guploader-uploadid: ADPycduCmYyHulr9w5s1RO12HahR8I-dMxQBmn_VVU3x_C9HGCo9vTRnfvTregqz0zyqjU_FdTBd531xe55MyTQmA50
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1589267911_1554702-removebg-preview.webp"
content-length: 67466
cf-ray: 693bdb96185105ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Tue, 12 May 2020 07:18:32 GMT
server: cloudflare
etag: "f1dac84fee5b6ff1a619558e7a87018a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=s+PUKA==, md5=8drIT+5bb/GmGVWOeocBig==
x-goog-generation: 1589267912214530
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 116685
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1604416007_1567896-removebg-preview.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 35 KB
36 KB 63ms
62ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1604416007_1567896-removebg-preview.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a0c239a737f99f8eccb6adcf08288b0296fa5cbb1ff6b7170f98306cee0c3f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 3537
cf-polished: origFmt=png, origSize=71066
x-guploader-uploadid: ADPycdudku_DNgMprN0tr1Z_kojt0idnwxl9tGWPgvq94eVyDUAtPMbSWcycX_FVZrk1ZO-FV4NFrir9tCharPoL9MWF63-41Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1604416007_1567896-removebg-preview.webp"
content-length: 36150
cf-ray: 693bdb96185305ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Tue, 03 Nov 2020 15:06:47 GMT
server: cloudflare
etag: "f4c08a5b40ef7d33918718b8c41bb9e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=+KiClQ==, md5=9MCKW0DvfTORhxi4xBu54w==
x-goog-generation: 1604416007319742
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 71066
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1604515349_1495642-removebg-preview.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 25 KB
25 KB 52ms
51ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1604515349_1495642-removebg-preview.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af55d34a07b81e2a9b3489739444f5474d88734d73ccde31266876fc6694b2e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 2656
cf-polished: origFmt=png, origSize=51304
x-guploader-uploadid: ADPycdvzQgfVsmRLskjAaBVviaCvPSaLoWMMextqvaGKg8jVKf-S25l4P6t_pJozgGp-wXJVj8uoJBqe6MURcgPGGwcwBoTX9g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1604515349_1495642-removebg-preview.webp"
content-length: 25714
cf-ray: 693bdb96185505ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Wed, 04 Nov 2020 18:42:30 GMT
server: cloudflare
etag: "1531b960288056689f19a9b457ae3c4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=8T++mA==, md5=FTG5YCiAVmifGam0V648Tg==
x-goog-generation: 1604515350001769
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 51304
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1605977729_1818427-removebg-preview.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 68 KB
68 KB 38ms
38ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1605977729_1818427-removebg-preview.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ea4a8d04b4b5174a527d8a1986656d045eae3cc3dc4eb32447ce750ddaa3f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 91
cf-polished: origFmt=png, origSize=120715
x-guploader-uploadid: ADPycdvSJVg1xyrvtBJimLGKElmqCFwZiwaRr0wjqzkEvMtaSsmOAE4ECXsBqX-6o83Q83h4r79m8Kd7vNXL1yTkdk8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1605977729_1818427-removebg-preview.webp"
content-length: 69164
cf-ray: 693bdb96185605ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Sat, 21 Nov 2020 16:55:30 GMT
server: cloudflare
etag: "dcac83a5ce670103a86d33a039cbacd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=ebplMw==, md5=3KyDpc5nAQOobTOgOcus2A==
x-goog-generation: 1605977730182633
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 120715
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1605978313_1391622-removebg-preview.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 39 KB
39 KB 50ms
50ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1605978313_1391622-removebg-preview.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65c50eb752da5bd01d7f464264925d7a110c60c927345b4d6763347ea550faca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 683
cf-polished: origFmt=png, origSize=66764
x-guploader-uploadid: ADPycdvze7zfdJbHg0baOUElambHPi6-cNSsQwFLMO5cuye1aD0wGNqXfHnnrlWdFk7H1us5rvMR1EkrBGltjRupUqQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1605978313_1391622-removebg-preview.webp"
content-length: 39582
cf-ray: 693bdb96185805ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Sat, 21 Nov 2020 17:05:14 GMT
server: cloudflare
etag: "604a12cb5e7a82d7995df3f214b83562"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=RI4CzQ==, md5=YEoSy156gteZXfPyFLg1Yg==
x-goog-generation: 1605978314045315
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 66764
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1605978902_1495643-removebg-preview.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 24 KB
24 KB 143ms
137ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1605978902_1495643-removebg-preview.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6a258673238b47f8862802e2e6c2226cc3539559b5a194015e92b9d4839a78d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=48989
x-guploader-uploadid: ADPycdv0TeHd9BtU4xibrTnHnuxmt5bTVzlvb0Q9aICoXUUK5-_4Zjz30EEkKORPV1l1xFoL2tmTsYwRnig83ZF1Wiw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1605978902_1495643-removebg-preview.webp"
content-type: image/webp
content-length: 24428
expires: Fri, 24 Sep 2021 16:01:23 GMT
last-modified: Sat, 21 Nov 2020 17:15:02 GMT
server: cloudflare
etag: "f991438180329ca6c480fb553951af80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=JHsAjQ==, md5=+ZFDgYAynKbEgPtVOVGvgA==
x-goog-generation: 1605978902726980
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 48989
accept-ranges: bytes
cf-ray: 693bdb96286605ed-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1623150385_Dollar.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/ 42 KB
42 KB 58ms
52ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1623150385_Dollar.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0becbabe8d82a70b1fa118a53e285850707b60c68faa895b544abad5938a0294

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 2024
cf-polished: origFmt=png, origSize=102993
x-guploader-uploadid: ADPycdsbATuoqmUeOG6azaFvSnVaJpeVd7D-Xp8pv3YJKm_Nq9vnNvYgJ2HFOwXa4VzORJcsinAoW0gg9Dp6FQUlD_U
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1623150385_Dollar.webp"
content-length: 42966
cf-ray: 693bdb96286c05ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Tue, 08 Jun 2021 11:06:25 GMT
server: cloudflare
etag: "3306832da67c9289dbe2b09219ab10f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=KwiSPA==, md5=MwaDLaZ8konb4rCSGasQ+Q==
x-goog-generation: 1623150385785337
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 102993
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1626674213_AhayahFINAL512.png
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 44 KB
45 KB 49ms
43ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1626674213_AhayahFINAL512.png
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd8ef617dcea02d6fa605ecbddc1fa4471e7352982451217417a736b0869c3f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 91
cf-polished: origFmt=png, origSize=61548
x-guploader-uploadid: ADPycdtcvIdQJIZBhIgaOrZ1MA6p8KgvlXHIhXU5g6jLhYidmT1IdwOOtigWZRWE6qKdO8VmlduODKFS8_wAZZQ7G-KUFG9xsg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1626674213_AhayahFINAL512.webp"
content-length: 45372
cf-ray: 693bdb96286e05ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Mon, 19 Jul 2021 05:56:54 GMT
server: cloudflare
etag: "69b44b442369a2334e9b1aaad2e9f53a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=U/ZFjw==, md5=abRLRCNpojNOmxqq0un1Og==
x-goog-generation: 1626674214108968
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 61548
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1586050709_Depositphotos_66382573_l-2015.jpg
assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/ 225 KB
226 KB 57ms
52ms Image
image/webp 104.18.21.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd5d9a13ba5a90ef79724f7/1586050709_Depositphotos_66382573_l-2015.jpg
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 273e9cd5ec1ba6a73257a105c8b71cbb3810e0d455e9ed3cd51024efaa9b39b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
cf-cache-status: HIT
age: 2024
cf-polished: qual=85, origFmt=jpeg, origSize=484750
x-guploader-uploadid: ADPycdvh4EU9h6YLrtEZot-2_YTjOEdiaXpMeqMuy9cenYQzYreI2QJ4ummBsAsQWZ_Y8lJWNUAvniZovJrIGGt7NoA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1586050709_Depositphotos_66382573_l-2015.webp"
content-length: 230332
cf-ray: 693bdb96287105ed-FRA
expires: Fri, 24 Sep 2021 16:01:22 GMT
last-modified: Sun, 05 Apr 2020 01:38:29 GMT
server: cloudflare
etag: "c5f607de38aaa9a52e94039e9fdebe3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=FgzKJQ==, md5=xfYH3jiqqaUulAOen96+Pw==
x-goog-generation: 1586050709701741
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 484750
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 inpage_published.js Show response
app.groove.cm/groovepages/js/ 71 KB
26 KB 67ms
22ms Script
application/javascript 172.67.139.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/js/inpage_published.js
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68a6c788c7fecfdfc924d45eb5ee870312e8cdd3bb682158cc7f0f4b81fd5047

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Sep 2021 09:45:48 GMT
server: cloudflare
age: 6974
etag: W/"614d9e4c-11ba5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsK%2BenaPCTOsDSMOI2xJtn40tq47rWQ3EHcZfW8BHQu9gEyesXt0R6lLSklw%2BnRqQ8ILMzmc%2B0uRYO2A7f4aBcw1YKyksKhz2lHcABuGLbqJErCY1J6bdoJXLyBqulOI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 693bdb966e5a3248-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 chunk-vendors.js Show response
app.groove.cm/groovepages/js/ 0
0 62ms
17ms Script
text/html 172.67.139.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/js/chunk-vendors.js
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 50ms
26ms Font
font/woff2 104.21.81.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.81.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://money.faith/
Origin: https://money.faith
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
via: 1.1 e14614617e85116e937d5168b35a94df.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kh6xX9Ja5hll5lxNCRbNRCldjfjDdpnh1ZZVnnSGuw0m2UzkjeQB1Qo92Sv9ncbrJ3L%2By9z5y72Q5e9hVN%2FBp2aQ6O%2BUX%2BB%2FTEBhyRfCFyoSEtWRbTIaz%2FJJ3f7lfWTxc%2BQZ3mte5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 693bdb96fe404137-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: nnyDj1cIxzDm4x8Isgi89LBmwv8xf1S_q2xGhcDilecDE4KgtdmQJw==

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 48ms
9ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 11:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Fri, 24 Sep 2021 12:37:09 GMT

GET
H2 200 main_de.js Show response
translate.googleapis.com/translate_static/js/element/ 7 KB
2 KB 49ms
10ms Script
text/javascript 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main_de.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

sffe /

Resource Hash

b9c5385fe2a7178bca062410e40f687d8656be20d0db09643c1df7eef914a4a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 11:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2431
x-xss-protection: 0
last-modified: Mon, 24 May 2021 18:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Fri, 24 Sep 2021 12:37:09 GMT

GET
H3 200 element_main.js Show response
translate.googleapis.com/element/TE_20210503_00/e/js/element/ 252 KB
90 KB 23ms
7ms Script
text/javascript 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main_de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

sffe /

Resource Hash

09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 09:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91906
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:56:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Sat, 24 Sep 2022 09:37:09 GMT

GET
H/1.1 200
OK matomo.php
matomo.groovetech.io/ 43 B
217 B 125ms
124ms Image
image/gif 51.161.92.183
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matomo.groovetech.io/matomo.php?action_name=money.faith%2FMoney%20and%20God%3F&idsite=4&rec=1&r=435305&h=12&m=1&s=23&url=https%3A%2F%2Fmoney.faith%2F&_id=424b0916a6cb0461&_idts=1632484883&_idvc=1&_idn=0&_refts=0&_viewts=1632484883&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&dimension1=15315&dimension2=AJwhjTpDY&gt_ms=879&pv_id=Y9HBAM
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.161.92.183 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ip183.ip-51-161-92.net
Software: nginx/1.19.2 / PHP/7.4.16
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
cache-control: no-store
server: nginx/1.19.2
x-powered-by: PHP/7.4.16
content-length: 43
content-type: image/gif

GET
H2 200 yasha-ahayah-scriptures-pdf-giveaway Show response
kingsumo.com//g/ddvftm/ Frame 142C 21 KB
7 KB 191ms
191ms Document
text/html 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed

Requested by

Host: kingsumo.com
URL: https://kingsumo.com/js/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

718fb21468700319da77d6d67b1b392f61444c53d110241653b652d0da16d9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: kingsumo.com
:scheme: https
:path: //g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://money.faith/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/

Response headers

server: nginx/1.18.0
date: Fri, 24 Sep 2021 12:01:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IlRTckFXdlwvUTFIcE1lK0JlWFQ3K2p3PT0iLCJ2YWx1ZSI6InZHZXpDYXFJQXg4aGMxb3pwcHVyXC8zQUwyZUcyTXk1NDZ5RjNrblwvOUZPa0hFem1BaHNKNzJYZE5sOFE5QldTVyIsIm1hYyI6Ijk3M2RkMzY0NDJiNGMyNzBlMWFhNzAwMTNhMmI2MzBlZDgyMWI5ODU0NDg5OWM3MzFkNzQ3MDMxNGMzYTBhNjQifQ%3D%3D; expires=Sat, 25-Sep-2021 12:01:23 GMT; Max-Age=86400; path=/; secure; samesite=none kingsumo_session__=eyJpdiI6IlwvV1hEeHlNVG5rbFdaaCtOT085NEl3PT0iLCJ2YWx1ZSI6Inh1XC84NHgxUEpWcGQwbjlcLzBJVm1oVXk2ZHlzbDlZa3BLN05FaUZvMnlqQjJDUW51MFNVVWN6dnByT2Y2dnVlSSIsIm1hYyI6IjQxZjUxNmMwMWMxMzdjZDUyMWJjNTM0OTQ4ZGU1ZjI0MGVjNTgzNDYwZmQyYzhmMThiNWQzYmVjNTliNTZhZmIifQ%3D%3D; expires=Sat, 25-Sep-2021 12:01:23 GMT; Max-Age=86400; path=/; secure; httponly; samesite=none
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip

GET
H/1.1 200
OK iframe_test Show response
api.vadoo.tv/ Frame 7D85 58 KB
58 KB 509ms
238ms Document
text/html 3.6.240.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.6.240.150 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-6-240-150.ap-south-1.compute.amazonaws.com
Software: openresty/1.19.3.1 /
Resource Hash: 50084de771e53f6d51b54dca86a987e5fd7ab79caba2aafecf21a6f5935edd3d

Request headers

Host: api.vadoo.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://money.faith/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/

Response headers

Server: openresty/1.19.3.1
Date: Fri, 24 Sep 2021 12:01:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 59315
Connection: keep-alive
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK iframe_test Show response
api.vadoo.tv/ Frame 2938 58 KB
58 KB 518ms
241ms Document
text/html 3.6.240.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.6.240.150 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-6-240-150.ap-south-1.compute.amazonaws.com
Software: openresty/1.19.3.1 /
Resource Hash: a31f3b659e4ad0233d740899658f7080712f25a4f2241eabfe9b73573f26ee46

Request headers

Host: api.vadoo.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://money.faith/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/

Response headers

Server: openresty/1.19.3.1
Date: Fri, 24 Sep 2021 12:01:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 58909
Connection: keep-alive
Access-Control-Allow-Origin: *

GET
H3 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 13 KB
14 KB 27ms
26ms Font
font/woff2 104.21.81.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.81.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer: https://money.faith/
Origin: https://money.faith
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13216
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "b8f1c6a3a94d42b082c29f0b1db8ba95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCGgvbYhwTW%2Ft0asaBK%2Bv2OiPG3rTmpiQkSnhcupZiligehsuadaOsdxCofgxi8Y2G0VK%2Fn%2B6ZaF%2BWiwPkC8hXBLl4gE%2F9U61g65o5lrGczYdHop6Hjv4rA4BUqcaHXUMCaQa%2BV0iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 693bdb9a78cb4137-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: oNitSdO8v7Zf80QToaD_mP7p5-9zSlljFQPq1YttXmEi5ZA8S6RVFg==

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 54ms
24ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://money.faith
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 01:25:05 GMT
x-content-type-options: nosniff
age: 210978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 01:25:05 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 48ms
18ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://money.faith
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 07:30:39 GMT
x-content-type-options: nosniff
age: 361844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 07:30:39 GMT

GET
H/1.1 200
OK widget-client Show response
paldesk.io/api/ 5 KB
3 KB 328ms
100ms Script
text/javascript 54.91.6.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://paldesk.io/api/widget-client?apiKey=41f15bbd4e89dc8057712a4f33f825f0
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-6-89.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 6cf688d07b8dd085f8f1eeadfd93c653caa2f679dbb30a5e64fe55fde212a214

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 12:01:23 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Powered-By: Express
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Server: Cowboy
Etag: W/"1495-aAHD/WFszLI/q4RjNwK9rlaa+tw"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT
Content-Type: text/javascript; charset=utf-8
Via: 1.1 vegur
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: X-Requested-With,content-type, Authorization
Expires: -1

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 45ms
22ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://money.faith
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 08:57:05 GMT
x-content-type-options: nosniff
age: 183858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 08:57:05 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 37ms
15ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://money.faith
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:11:30 GMT
x-content-type-options: nosniff
age: 334193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 15:11:30 GMT

GET
DATA 200
OK truncated Show response
/ Frame 4414 2 KB
2 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
849 B 36ms
14ms Image
image/png 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: money.faith
URL: https://money.faith/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 10:18:48 GMT
x-content-type-options: nosniff
age: 6155
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 24 Sep 2022 10:18:48 GMT

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 35ms
14ms Image
image/png 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 11:04:35 GMT
x-content-type-options: nosniff
age: 3408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 24 Sep 2022 11:04:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 142C 97 KB
39 KB 69ms
29ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52269-18

Requested by

Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fd4beb82f9d3d0636eb2ef88fefe4504077a2f2e0a74380ad2f011692d9ae80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39189
x-xss-protection: 0
expires: Fri, 24 Sep 2021 12:01:23 GMT

GET
H2 200 giveaway.css
kingsumo.b-cdn.net/css/ Frame 142C 163 KB
30 KB 47ms
9ms Stylesheet
text/css 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://kingsumo.b-cdn.net/css/giveaway.css?id=276ad1c0dc253db37767

Requested by

Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

23390b122416fed304e402b9355cde31c8462d5d3ab46ac0ccb0ff0bb9f28300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 08/11/2021 07:02:04
cdn-pullzone: 103603
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Fri, 06 Aug 2021 16:59:39 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 3c505f5ad6041a65f0a768b57d5c61c5
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 winner.svg
kingsumo.b-cdn.net/img/giv/ Frame 142C 2 KB
1 KB 45ms
9ms Image
image/svg+xml 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kingsumo.b-cdn.net/img/giv/winner.svg

Requested by

Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

87e070f0e9784bf33ffa12691316e78cbd1954752e9bdbf4f42f926edfdbed65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
cdn-cachedat: 08/11/2021 06:47:14
cdn-pullzone: 103603
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
last-modified: Fri, 06 Aug 2021 16:58:08 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: e276c0d103f0e1eb1e4f86dbb2ccee63
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 YlpQmRxCW24FMQLk12c20X4IlTzbTr8uZJRbtFNY.png
kingsumowebapp.b-cdn.net/logos/ Frame 142C 14 KB
15 KB 56ms
16ms Image
image/png 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kingsumowebapp.b-cdn.net/logos/YlpQmRxCW24FMQLk12c20X4IlTzbTr8uZJRbtFNY.png
Requested by: Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 262a85dfb9857b0ae6b4be9eabf7c707e4fe6a9f6f214735b58dfb49751d345c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
cdn-edgestorageid: 756
x-amz-request-id: X0FGPYQHFH04YZS9
cdn-cachedat: 08/11/2021 06:46:30
cdn-pullzone: 120658
content-length: 14524
x-amz-id-2: vmdr3HzoLbrChAIUOxmcctKAf4EK78zfcDAM6pnmTAS2wXEqb2U1+r1dCJl8O5MywPL35AJEVfM=
server: BunnyCDN-DE1-756
last-modified: Sat, 03 Apr 2021 00:52:24 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/png
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: b0bc9adfbf764bdb5c609912f8717c01
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logo-plain.svg
kingsumo.b-cdn.net/img/ Frame 142C 3 KB
2 KB 44ms
8ms Image
image/svg+xml 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kingsumo.b-cdn.net/img/logo-plain.svg

Requested by

Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

d78eee5e147ece6afe84fb611720089981207201aa90588a682758f13fb2eac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
cdn-cachedat: 08/11/2021 07:58:36
cdn-pullzone: 103603
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
last-modified: Fri, 06 Aug 2021 16:58:08 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: 9157cd5fa9a54d4c9dc513f6cdb51575
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 app-giveaway.js Show response
kingsumo.b-cdn.net/js/ Frame 142C 321 KB
107 KB 46ms
8ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://kingsumo.b-cdn.net/js/app-giveaway.js?id=8945ac398e9b55bc9c54

Requested by

Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

b9ef29aa4d5954f0d6dcac8981e1ef64411967a233fc851f087a191f93688c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 08/11/2021 05:06:46
cdn-pullzone: 103603
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Fri, 06 Aug 2021 16:59:39 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 03c617c7a398d0a220a13db81ec8fd7a
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 embed.js Show response
kingsumo.b-cdn.net/js/ Frame 142C 34 KB
13 KB 829ms
792ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kingsumo.b-cdn.net/js/embed.js?id=2ecef3a50a95a5e500e4
Requested by: Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: a8d7fb0ecaa755024d3d26dcccfc88a4617abe9c2c080994668ccacc582a472b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
content-encoding: br
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 09/24/2021 14:01:24
cdn-pullzone: 103603
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Friday, 24-Sep-2021 12:01:24 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: no-store, must-revalidate, proxy-revalidate, no-cache, max-age=0
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 261e01549e0d37a5f7bd669017b24965
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 142C 98 KB
26 KB 22ms
8ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: c7Err9ENLoynkRzktv3OoI47jlziH0SgKDMOL4SOK51sf3V5mgwtzOTbi3lAi6ITDW/x/op+oEcqLzg7zrtv+w==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 24 Sep 2021 12:01:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 782648399035086 Show response
connect.facebook.net/signals/config/ Frame 142C 490 KB
143 KB 122ms
114ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/782648399035086?v=2.9.46&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

1add0e4f52ffe0ac7d47a5e0ff5f99b5fdd8c80905eaec0abddd916b707c146d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 9ge5Y35HBt5Y7hEWfP0n2i6r5dn3RhFLGKRhrg9ZHAqZVWrYuD2/i5gmavQ5cSeBsTXDodh8V1JO39gsBTBakA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Sep 2021 12:01:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 142C 20 KB
1 KB 17ms
17ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Mono:100,300|Roboto:100,300,400,400i,500,500i,700,700i

Requested by

Host: kingsumo.b-cdn.net
URL: https://kingsumo.b-cdn.net/css/giveaway.css?id=276ad1c0dc253db37767

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

3de58a5f760c1e0a73aa2ddc2e549e1e3cbf713ab0e6e4788f2ce31f06a2b220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.b-cdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 12:01:23 GMT
server: ESF
date: Fri, 24 Sep 2021 12:01:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Sep 2021 12:01:23 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 142C 3 KB
2 KB 7ms
6ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

9e995dbe708e7e2172086fe25b676cf88b25113006c26591242a4bb2708a99f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: qVX/F3hwjizPXju5RJvyBQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 1TPzA/oEBtiYtpUGCkOwp/zY5/eTNGN1HEpN2ywCf2SP7c9TLm5/4WZ/29iWA3Qf8RCsAtwXc+p+XdzXj0Pwgw==
x-fb-content-md5: 86ea2bc8a070162eee32e04ef6b6535b
x-frame-options: DENY
date: Fri, 24 Sep 2021 12:01:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "67851a1b79b33520a482effa49944ef5"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 24 Sep 2021 12:12:20 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 142C 263 KB
74 KB 14ms
6ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=800943a6ea347996a6afde4af5c0a724

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

0801447807f2d646c9e78ec7b73012396ad70b5620994d5b64bfcabb72db019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kingsumo.com/
Origin: https://kingsumo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QhJTpE+K277xC9FUopBMRA==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76119
x-fb-rlafr: 0
x-fb-debug: rlhsJPoMaoJbmqrW50e4Hz2NfGMH8silW/Gsaga70z/LQ2P93pe6ur7+BWPW1HErT0+pPERHo7Dniyz81hnEMA==
x-fb-content-md5: 8ffa922c4a8bc450bfa5785996fba8b8
x-frame-options: DENY
date: Fri, 24 Sep 2021 12:01:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f0ac5e4b5b815fbd53b2875603cce2d6"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 24 Sep 2022 11:52:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 142C 97 KB
38 KB 41ms
26ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52269-25&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52269-18

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e8c81ea0cd535a4740ac82e0c1337ac43cb517b8e4f646d8f340b3f40804b19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39197
x-xss-protection: 0
expires: Fri, 24 Sep 2021 12:01:23 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 142C 44 B
313 B 23ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410195246098431&ev=fb_page_view&dl=https%3A%2F%2Fkingsumo.com%2F%2Fg%2Fddvftm%2Fyasha-ahayah-scriptures-pdf-giveaway%3Fe%3Dhttps%253A%252F%252Fmoney.faith%252F%26utm_source%3Dhttps%253A%252F%252Fmoney.faith%252F%26utm_campaign%3Dembed&rl=https%3A%2F%2Fmoney.faith%2F&if=true&ts=1632484883930&sw=1600&sh=1200&at=

Requested by

Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 24 Sep 2021 12:01:23 GMT

GET
H2 200 main.bc291327930b66586bdf.css.gz Show response
widget.paldesk.io/p/static/css/ 102 KB
12 KB 239ms
135ms XHR
text/css 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.paldesk.io/p/static/css/main.bc291327930b66586bdf.css.gz?888
Requested by: Host: paldesk.io
URL: https://paldesk.io/api/widget-client?apiKey=41f15bbd4e89dc8057712a4f33f825f0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 387521ff9df5b700c157e683da4c2885534a95f1e90e7d54992728b8a788a647

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:25 GMT
content-encoding: gzip
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
content-length: 11991
access-control-allow-origin: *
last-modified: Fri, 13 Aug 2021 06:13:48 GMT
server: AmazonS3
etag: "e7af35ea06af1cebebe8f0d1b59904af"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/css
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 0NrTmu4qT-nsu3Dy2hOtxXOmM9ncE7sm3VBkJjC2mRdcqpN0O_uk4Q==

HEAD
H/1.1 200
OK 41f15bbd4e89dc8057712a4f33f825f0 Show response
paldesk-stats.herokuapp.com/stats/ 0
396 B 159ms
34ms XHR
text/plain 34.241.115.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://paldesk-stats.herokuapp.com/stats/41f15bbd4e89dc8057712a4f33f825f0
Requested by: Host: paldesk.io
URL: https://paldesk.io/api/widget-client?apiKey=41f15bbd4e89dc8057712a4f33f825f0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.115.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-115-67.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://money.faith/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 12:01:24 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PUT, HEAD
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,content-type, Authorization
Content-Length: 2

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 142C 48 KB
19 KB 7ms
6ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52269-25&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4163
date: Fri, 24 Sep 2021 10:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 24 Sep 2021 12:52:00 GMT

GET
H2 200 TXZDA6lASvsB7n8vWpamVgKR7xMEG7q9INqXXnkS182399
kingsumowebapp.b-cdn.net/giveaways/ Frame 142C 844 KB
845 KB 8ms
8ms Image
image/png 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kingsumowebapp.b-cdn.net/giveaways/TXZDA6lASvsB7n8vWpamVgKR7xMEG7q9INqXXnkS182399
Requested by: Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 730c4b8e44785206b013991057d7c1835a6874607dd5d685db9b4562ef34084b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
cdn-edgestorageid: 756
x-amz-request-id: MNQDZEVFXB8J36VH
cdn-cachedat: 08/11/2021 01:40:14
cdn-pullzone: 120658
content-length: 863824
x-amz-id-2: BhrvbKwKUE+0TiVDAMXN1DM7vTd2H6COoxNdJRzXKAZhyGNqfUezaL8WzWYNlKadujD6FDBO7rQ=
server: BunnyCDN-DE1-756
last-modified: Fri, 02 Apr 2021 23:51:51 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/png
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: 49c8a4c248eb05807b451d563eb4ecae
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 over-ribbon.svg
kingsumo.b-cdn.net/img/giv/ Frame 142C 3 KB
2 KB 12ms
11ms Image
image/svg+xml 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kingsumo.b-cdn.net/img/giv/over-ribbon.svg

Requested by

Host: kingsumo.b-cdn.net
URL: https://kingsumo.b-cdn.net/css/giveaway.css?id=276ad1c0dc253db37767

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

a52b921c6e8a46222fd342ad6262de47895a963f49cbe589d3f1a20d44248950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.b-cdn.net/css/giveaway.css?id=276ad1c0dc253db37767
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
cdn-cachedat: 08/11/2021 05:20:58
cdn-pullzone: 103603
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
last-modified: Fri, 06 Aug 2021 16:58:08 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: 835a7d62e94cd16461f50069e61be494
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hr.svg
kingsumo.b-cdn.net/img/giv/ Frame 142C 271 B
681 B 12ms
11ms Image
image/svg+xml 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kingsumo.b-cdn.net/img/giv/hr.svg

Requested by

Host: kingsumo.b-cdn.net
URL: https://kingsumo.b-cdn.net/css/giveaway.css?id=276ad1c0dc253db37767

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

87b6419f64939b8b29786c254e83d68a4c5f4b7be01e791ce9b478541442022b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.b-cdn.net/css/giveaway.css?id=276ad1c0dc253db37767
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
cdn-cachedat: 08/11/2021 06:45:58
cdn-pullzone: 103603
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
last-modified: Fri, 06 Aug 2021 16:58:08 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: 7fbdbd05bec5816c1fbdd9e9d0c1d613
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hr-down.svg
kingsumo.b-cdn.net/img/giv/ Frame 142C 370 B
726 B 12ms
10ms Image
image/svg+xml 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kingsumo.b-cdn.net/img/giv/hr-down.svg

Requested by

Host: kingsumo.b-cdn.net
URL: https://kingsumo.b-cdn.net/css/giveaway.css?id=276ad1c0dc253db37767

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

1a52040f550b42d12e69ce0d8938e5d34e703682acda505b755b62b7bcd955ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.b-cdn.net/css/giveaway.css?id=276ad1c0dc253db37767
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
cdn-cachedat: 08/11/2021 02:12:17
cdn-pullzone: 103603
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
last-modified: Fri, 06 Aug 2021 16:58:08 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: dbe6abcd23f55a9f5826cf286782ef53
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 btn-icon-arrowright.svg
kingsumo.b-cdn.net/img/giv/ Frame 142C 310 B
724 B 13ms
8ms Image
image/svg+xml 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kingsumo.b-cdn.net/img/giv/btn-icon-arrowright.svg

Requested by

Host: kingsumo.b-cdn.net
URL: https://kingsumo.b-cdn.net/css/giveaway.css?id=276ad1c0dc253db37767

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

5b99e9d59277dbd2407aec935502e3472c57278385b1f8a59148627aa671fb28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.b-cdn.net/css/giveaway.css?id=276ad1c0dc253db37767
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
cdn-cachedat: 08/11/2021 06:00:16
cdn-pullzone: 103603
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
last-modified: Fri, 06 Aug 2021 16:58:08 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: cff20ba9d4596ae76311f623d2ff0768
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 142C 15 KB
15 KB 21ms
17ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:100,300|Roboto:100,300,400,400i,500,500i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kingsumo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 156582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 16:31:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 142C 15 KB
15 KB 22ms
22ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:100,300|Roboto:100,300,400,400i,500,500i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kingsumo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:32:14 GMT
x-content-type-options: nosniff
age: 156549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 16:32:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 142C 15 KB
15 KB 28ms
28ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:100,300|Roboto:100,300,400,400i,500,500i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kingsumo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:31:45 GMT
x-content-type-options: nosniff
age: 156578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 16:31:45 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 142C 16 KB
16 KB 28ms
28ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:100,300|Roboto:100,300,400,400i,500,500i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kingsumo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:31:57 GMT
x-content-type-options: nosniff
age: 156566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 16:31:57 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 142C 44 B
91 B 15ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=782648399035086&ev=PageView&dl=https%3A%2F%2Fkingsumo.com%2F%2Fg%2Fddvftm%2Fyasha-ahayah-scriptures-pdf-giveaway%3Fe%3Dhttps%253A%252F%252Fmoney.faith%252F%26utm_source%3Dhttps%253A%252F%252Fmoney.faith%252F%26utm_campaign%3Dembed&rl=https%3A%2F%2Fmoney.faith%2F&if=true&ts=1632484884110&sw=1600&sh=1200&v=2.9.46&r=stable&ec=0&o=30&it=1632484883809&coo=false&rqm=GET

Requested by

Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 24 Sep 2021 12:01:24 GMT

GET
H2 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.12.1/ Frame 7D85 40 KB
9 KB 49ms
27ms Stylesheet
text/css 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.12.1/video-js.min.css

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2a6daaa1ab502ed0c962951a3c92b5c3415264e024dc2d46d65908ef48a1553

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 149553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9175
timing-allow-origin: *
last-modified: Wed, 14 Apr 2021 10:57:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6076caa3-9e2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RfV99X2baw35bINS8%2BKQzECR4WQx9Uu2icTrWwCl2BjhDEIoW3sjJUCLRfa9vHJIzjR9Fx8JSa1b0DnBw4TweqBUTni61V22wj2pn4%2F9XNybS3lmhd2t3WbWDxy6qpO1SMvLKnt"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 693bdb9e0cdd2bad-FRA
expires: Wed, 14 Sep 2022 12:01:24 GMT

GET
H2 200 video.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/7.12.1/ Frame 7D85 556 KB
128 KB 41ms
19ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.12.1/video.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32f4560596d4ecabf78b0ba04e9cf9f1d2fed7a42dd1294cb3cc7d228b3c261c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2479339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 131073
timing-allow-origin: *
last-modified: Wed, 14 Apr 2021 10:57:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6076caa3-8b11d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baGOPTd%2B56lciTBqTiuHSwAAAdcTzGTgJiqO9EqD9u2xQxsm24xSCQdRVq9sY9PpqeX6TCzqLcCqr9Q7dPtW4eHNLdN8ex601imGnrfs%2Bi3oTFi2jw4nw%2BdLzjg26%2FrGilh4DisL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 693bdb9e0ce02bad-FRA
expires: Wed, 14 Sep 2022 12:01:24 GMT

GET
H2 200 videojs-seek-buttons.css
cdn.jsdelivr.net/npm/videojs-seek-buttons/dist/ Frame 7D85 1 KB
710 B 24ms
7ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-seek-buttons/dist/videojs-seek-buttons.css

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

38e837fcb23246c0615dbae061d8a3ba30ea4c17a41de227177184741d56886f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 36865
x-jsd-version: 2.1.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 323
etag: W/"49e-3VtE8WdsgHFQVlfrSfM74CIY2RM"
x-served-by: cache-fra19153-FRA, cache-hhn4070-HHN
x-jsd-version-type: version
date: Fri, 24 Sep 2021 12:01:24 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 videojs-seek-buttons.min.js Show response
cdn.jsdelivr.net/npm/videojs-seek-buttons/dist/ Frame 7D85 2 KB
1014 B 26ms
9ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-seek-buttons/dist/videojs-seek-buttons.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

16d9f630318a24117d933d7437087728d5aee371795ea3284f646f47c32f35f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://api.vadoo.tv/
Origin: https://api.vadoo.tv
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 877
x-jsd-version: 2.1.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 971
etag: W/"981-Em9zAdjz8mXSo8dVcacpH0sKah4"
x-served-by: cache-fra19176-FRA, cache-hhn4073-HHN
x-jsd-version-type: version
date: Fri, 24 Sep 2021 12:01:24 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 9e245be6dd804af78c368b7e5f60c6d4.min.js Show response
js.sentry-cdn.com/ Frame 7D85 2 KB
1 KB 6ms
6ms Script
text/javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/9e245be6dd804af78c368b7e5f60c6d4.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

78f6c000c96b9a92f983985beb21505973b1cc801087ca8c4db8a7b767804179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://api.vadoo.tv/
Origin: https://api.vadoo.tv
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
x-envoy-upstream-service-time: 24
vary: Accept-Encoding
content-length: 1020
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-production-79895f595-gpl87, cache-ord1730-ORD, cache-hhn4068-HHN
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-language: en
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 videojs-overlay.min.js Show response
static.vadoo.tv/static/ Frame 7D85 5 KB
2 KB 55ms
11ms Script
application/javascript 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vadoo.tv/static/videojs-overlay.min.js
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71fd350f205136634c080ecc5d0f10423e6424919d35337ef49d23a3b1abbc10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:58:05 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 16:01:18 GMT
server: AmazonS3
age: 39158
etag: W/"05905f68e0b29f284debf720db534f96"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: a_4LSEWg6b_fWkVT3EkVJYIohru1jsdoquBspdWw3O0SR9eTrjogTg==

GET
H2

200

videojs-contrib-quality-levels.min.js Show response
unpkg.com/videojs-contrib-quality-levels@2.1.0/dist/ Frame 7D85
Redirect Chain

https://unpkg.com/videojs-contrib-quality-levels/dist/videojs-contrib-quality-levels.min.js
https://unpkg.com/videojs-contrib-quality-levels@2.1.0/dist/videojs-contrib-quality-levels.min.js

3 KB
1 KB

15ms
15ms

Script
application/javascript

104.16.125.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/videojs-contrib-quality-levels@2.1.0/dist/videojs-contrib-quality-levels.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.125.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa517fb783833eeb261722b1a04a11374163f89ff9f760ef87b8e600cd9e1e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 984259
fly-request-id: 01FFEG7RTYA8SWZ87C670PKT14
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"aa8-E3RApDjTnzXHYo4wtWIvxB9PXxI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 693bdb9e2cbc5b68-FRA

Redirect headers

date: Fri, 24 Sep 2021 12:01:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FGBTCYJA0JEQK3Z5XE6ZXSFS
server: cloudflare
age: 526
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /videojs-contrib-quality-levels@2.1.0/dist/videojs-contrib-quality-levels.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 693bdb9e0c7e5b68-FRA
access-control-allow-origin: *

GET
H2 200 videojs-http-source-selector.min.js Show response
cdn.jsdelivr.net/npm/videojs-hls-source-selector@1.0.1/dist/ Frame 7D85 4 KB
2 KB 25ms
8ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-hls-source-selector@1.0.1/dist/videojs-http-source-selector.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c7141e7114d466207e5a0108c2eb813996a7fa35fa1a4d1326cf486506cf6821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1283665
x-jsd-version: 1.0.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1541
etag: W/"115c-GUhG2PJK/VQueZoIpz3RIfEW5po"
x-served-by: cache-fra19139-FRA, cache-hhn4070-HHN
x-jsd-version-type: version
date: Fri, 24 Sep 2021 12:01:24 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 videojs-hls-quality-selector.min.js Show response
www.unpkg.com/videojs-hls-quality-selector@1.1.4/dist/ Frame 7D85 6 KB
2 KB 69ms
32ms Script
application/javascript 104.16.124.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unpkg.com/videojs-hls-quality-selector@1.1.4/dist/videojs-hls-quality-selector.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3e7f02d1150892a4676566c5bc18aa873d816024deeabb1f810a7d5966d2543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 983535
fly-request-id: 01FFEGXVCNSK6TRDWG4XJ1BB2T
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1615-yMXSgnIfXLJImWqmKfr5wMn+v88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 693bdb9e1d732bd6-FRA

GET
H2 200 videojs.hotkeys.min.js Show response
static.vadoo.tv/static/js/ Frame 7D85 4 KB
2 KB 55ms
11ms Script
application/javascript 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vadoo.tv/static/js/videojs.hotkeys.min.js
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8cc889a677f0ec27b0cdca752c68162e103ecff62e718b4a2e42ff5f726b2f42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 00:54:50 GMT
content-encoding: br
last-modified: Fri, 24 Sep 2021 00:52:25 GMT
server: AmazonS3
age: 39995
etag: W/"9eab786eeba5ace54e1cc4029ebffe70"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GWEZLDJVw0UZfDA4XPk-KgeK6lawE8YS36TYeHFUqVg3GyYsC46X9A==

GET
H2 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.12.1/ Frame 2938 40 KB
10 KB 39ms
19ms Stylesheet
text/css 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.12.1/video-js.min.css

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2a6daaa1ab502ed0c962951a3c92b5c3415264e024dc2d46d65908ef48a1553

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 149553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9175
timing-allow-origin: *
last-modified: Wed, 14 Apr 2021 10:57:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6076caa3-9e2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hten4G6t4Qpf96sX%2BWbsYm2IjfvKzz9pF2aTmTFhArmKzdaZUmKwectWzaXEH%2FipJKU9NwxVPSESwKf045ljxCRJI8xp7Gc47wsbc%2Fk3YPUA0weoUIy5Jfpo1xDlWGazCC6P5Hs5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 693bdb9e0cdf2bad-FRA
expires: Wed, 14 Sep 2022 12:01:24 GMT

GET
H2 200 video.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/7.12.1/ Frame 2938 556 KB
128 KB 52ms
32ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.12.1/video.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32f4560596d4ecabf78b0ba04e9cf9f1d2fed7a42dd1294cb3cc7d228b3c261c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2479339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 131073
timing-allow-origin: *
last-modified: Wed, 14 Apr 2021 10:57:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6076caa3-8b11d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sd3srAn4hwfCAwqiiTQYyGsOdvuhz80MKUhMhz0NZUTZsviezgHXT%2FQKXALB6Rxsbpu02hrcFlMKpd9bq%2Fjiss%2BgQtuwTqd6yXRjGo5%2B1cSABnNgf07qIlIWSjZVY2IOqVO%2F4Ghf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 693bdb9e0ce22bad-FRA
expires: Wed, 14 Sep 2022 12:01:24 GMT

GET
H2 200 videojs-seek-buttons.css
cdn.jsdelivr.net/npm/videojs-seek-buttons/dist/ Frame 2938 1 KB
366 B 23ms
8ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-seek-buttons/dist/videojs-seek-buttons.css

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

38e837fcb23246c0615dbae061d8a3ba30ea4c17a41de227177184741d56886f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 36865
x-jsd-version: 2.1.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 323
etag: W/"49e-3VtE8WdsgHFQVlfrSfM74CIY2RM"
x-served-by: cache-fra19153-FRA, cache-hhn4070-HHN
x-jsd-version-type: version
date: Fri, 24 Sep 2021 12:01:24 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 videojs-seek-buttons.min.js Show response
cdn.jsdelivr.net/npm/videojs-seek-buttons/dist/ Frame 2938 2 KB
1 KB 24ms
9ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-seek-buttons/dist/videojs-seek-buttons.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

16d9f630318a24117d933d7437087728d5aee371795ea3284f646f47c32f35f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://api.vadoo.tv/
Origin: https://api.vadoo.tv
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 877
x-jsd-version: 2.1.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 971
etag: W/"981-Em9zAdjz8mXSo8dVcacpH0sKah4"
x-served-by: cache-fra19176-FRA, cache-hhn4073-HHN
x-jsd-version-type: version
date: Fri, 24 Sep 2021 12:01:24 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 9e245be6dd804af78c368b7e5f60c6d4.min.js Show response
js.sentry-cdn.com/ Frame 2938 2 KB
1 KB 25ms
6ms Script
text/javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/9e245be6dd804af78c368b7e5f60c6d4.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

78f6c000c96b9a92f983985beb21505973b1cc801087ca8c4db8a7b767804179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://api.vadoo.tv/
Origin: https://api.vadoo.tv
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
x-envoy-upstream-service-time: 24
vary: Accept-Encoding
content-length: 1020
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-production-79895f595-gpl87, cache-ord1730-ORD, cache-hhn4068-HHN
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-language: en
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 videojs-overlay.min.js Show response
static.vadoo.tv/static/ Frame 2938 5 KB
2 KB 52ms
10ms Script
application/javascript 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vadoo.tv/static/videojs-overlay.min.js
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71fd350f205136634c080ecc5d0f10423e6424919d35337ef49d23a3b1abbc10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:58:05 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 16:01:18 GMT
server: AmazonS3
age: 39158
etag: W/"05905f68e0b29f284debf720db534f96"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _ggzB5_HnCiM9_9kANj_mfeqmxmtNqqIe4Kere3uUovmzpA7uTep2A==

GET
H2

200

videojs-contrib-quality-levels.min.js Show response
unpkg.com/videojs-contrib-quality-levels@2.1.0/dist/ Frame 2938
Redirect Chain

https://unpkg.com/videojs-contrib-quality-levels/dist/videojs-contrib-quality-levels.min.js
https://unpkg.com/videojs-contrib-quality-levels@2.1.0/dist/videojs-contrib-quality-levels.min.js

3 KB
1 KB

17ms
17ms

Script
application/javascript

104.16.125.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/videojs-contrib-quality-levels@2.1.0/dist/videojs-contrib-quality-levels.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.125.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa517fb783833eeb261722b1a04a11374163f89ff9f760ef87b8e600cd9e1e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 984259
fly-request-id: 01FFEG7RTYA8SWZ87C670PKT14
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"aa8-E3RApDjTnzXHYo4wtWIvxB9PXxI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 693bdb9e2cc65b68-FRA

Redirect headers

date: Fri, 24 Sep 2021 12:01:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FGBTCYJA0JEQK3Z5XE6ZXSFS
server: cloudflare
age: 526
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /videojs-contrib-quality-levels@2.1.0/dist/videojs-contrib-quality-levels.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 693bdb9e0c815b68-FRA
access-control-allow-origin: *

GET
H2 200 videojs-http-source-selector.min.js Show response
cdn.jsdelivr.net/npm/videojs-hls-source-selector@1.0.1/dist/ Frame 2938 4 KB
2 KB 23ms
8ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-hls-source-selector@1.0.1/dist/videojs-http-source-selector.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c7141e7114d466207e5a0108c2eb813996a7fa35fa1a4d1326cf486506cf6821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1283665
x-jsd-version: 1.0.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1541
etag: W/"115c-GUhG2PJK/VQueZoIpz3RIfEW5po"
x-served-by: cache-fra19139-FRA, cache-hhn4070-HHN
x-jsd-version-type: version
date: Fri, 24 Sep 2021 12:01:24 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 videojs-hls-quality-selector.min.js Show response
www.unpkg.com/videojs-hls-quality-selector@1.1.4/dist/ Frame 2938 6 KB
3 KB 55ms
19ms Script
application/javascript 104.16.124.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unpkg.com/videojs-hls-quality-selector@1.1.4/dist/videojs-hls-quality-selector.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3e7f02d1150892a4676566c5bc18aa873d816024deeabb1f810a7d5966d2543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 983535
fly-request-id: 01FFEGXVCNSK6TRDWG4XJ1BB2T
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1615-yMXSgnIfXLJImWqmKfr5wMn+v88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 693bdb9e1d762bd6-FRA

GET
H2 200 videojs.hotkeys.min.js Show response
static.vadoo.tv/static/js/ Frame 2938 4 KB
2 KB 52ms
10ms Script
application/javascript 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vadoo.tv/static/js/videojs.hotkeys.min.js
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8cc889a677f0ec27b0cdca752c68162e103ecff62e718b4a2e42ff5f726b2f42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 00:54:50 GMT
content-encoding: br
last-modified: Fri, 24 Sep 2021 00:52:25 GMT
server: AmazonS3
age: 39995
etag: W/"9eab786eeba5ace54e1cc4029ebffe70"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: J1YRlB90YAgxRZKRPhzvTs0pMdjhKZG1BxdQzAPKqN-bET_mJNmjcA==

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ Frame 7D85 119 KB
21 KB 36ms
18ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 16037345
cdn-cachedat: 2021-03-11 11:57:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5cb63f9f95ecf095082c5daadbee8506
cf-ray: 693bdb9e6da05c3e-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
static.vadoo.tv/static/js/ Frame 7D85 87 KB
31 KB 9ms
8ms Script
application/javascript 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vadoo.tv/static/js/jquery.min.js
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 08:24:56 GMT
content-encoding: gzip
last-modified: Tue, 07 Sep 2021 04:06:32 GMT
server: AmazonS3
age: 13654
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tv9L0RbPNRgEaGCtZKPCLQhJDnwy0ZokLxA2pxgtyeVP5v7Ra1McRA==

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ Frame 7D85 39 KB
11 KB 21ms
20ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617
age: 16036891
cdn-cachedat: 2021-03-11 11:58:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: be000bfdd4f127260b29957f966b0f38
cf-ray: 693bdb9e7dcb5c3e-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ Frame 2938 119 KB
20 KB 32ms
17ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 16037345
cdn-cachedat: 2021-03-11 11:57:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5cb63f9f95ecf095082c5daadbee8506
cf-ray: 693bdb9f0a895b5c-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
static.vadoo.tv/static/js/ Frame 2938 87 KB
31 KB 8ms
7ms Script
application/javascript 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vadoo.tv/static/js/jquery.min.js
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 08:24:56 GMT
content-encoding: gzip
last-modified: Tue, 07 Sep 2021 04:06:32 GMT
server: AmazonS3
age: 13654
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zRoVYpbcRitb8-s_Uh48ql-FcYUgNoBH0FYVgeBoNBh_40AYH8Igyg==

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ Frame 2938 39 KB
12 KB 40ms
25ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617
age: 16036891
cdn-cachedat: 2021-03-11 11:58:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: be000bfdd4f127260b29957f966b0f38
cf-ray: 693bdb9f0a8b5b5c-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

POST
H/1.1 200
OK add_view Show response
dev.vadoo.tv/ Frame 7D85 4 B
236 B 614ms
329ms XHR
text/html 65.2.77.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.vadoo.tv/add_view
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.2.77.87 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-65-2-77-87.ap-south-1.compute.amazonaws.com
Software: openresty/1.19.3.1 /
Resource Hash: 11a6767d5674c7e45f7e00dc525762275b3a48491ad6045427d2609cc496c516

Request headers

Referer: https://api.vadoo.tv/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://api.vadoo.tv
Date: Fri, 24 Sep 2021 12:01:24 GMT
Server: openresty/1.19.3.1
Connection: keep-alive
Content-Length: 4
Vary: Origin
Content-Type: text/html; charset=utf-8

GET
H2 200 kePgnPJx2LsYbCF6YqkwHyiMr1a28Fjg.png
image.vadoo.tv/Timothy_b25fd62f-4ab2-4100-8e3a-98e924e3d699/store_images/U6V4I4DnB9hV-7wggYwMKxVhjuSDAfns_HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y/ Frame 7D85 14 KB
15 KB 528ms
481ms Image
binary/octet-stream 143.204.98.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vadoo.tv/Timothy_b25fd62f-4ab2-4100-8e3a-98e924e3d699/store_images/U6V4I4DnB9hV-7wggYwMKxVhjuSDAfns_HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y/kePgnPJx2LsYbCF6YqkwHyiMr1a28Fjg.png
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-11.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262a85dfb9857b0ae6b4be9eabf7c707e4fe6a9f6f214735b58dfb49751d345c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:25 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Fri, 30 Apr 2021 17:41:53 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: "2ba4f5c8458069fc3c58cff6b73c4852"
x-cache: Miss from cloudfront
x-amz-version-id: null
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 14524
x-amz-cf-id: YbN6onBWpujvOnABVBMCqXvls3qLwZL27ZjDe0VCEyDZqdWLYWUjuw==

GET
H2 200 thumbnail.gif
vadooimages.vadoo.tv/TimothySorsdahl_b25fd62f-4ab2-4100-8e3a-98e924e3d699/videos/HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y/HLS/ Frame 7D85 4 MB
4 MB 60ms
12ms Image
binary/octet-stream 143.204.98.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vadooimages.vadoo.tv/TimothySorsdahl_b25fd62f-4ab2-4100-8e3a-98e924e3d699/videos/HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y/HLS/thumbnail.gif
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb226fe3a4b91e702645a9712a73b5b0e919d872c90dd9371dd1096bcb6a7967

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 07:41:00 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 17:09:22 GMT
server: AmazonS3
age: 15624
etag: "f1fbdfbe3aef20a2553db17beadac166"
x-edge-origin-shield-skipped: 0
content-type: binary/octet-stream
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3903341
x-amz-cf-id: hc7jxAFH_dYhsuBYyWo6c0VZM6yXycMqdT1I-jyqvh0uckMFE0nt-Q==

GET
DATA 200
OK truncated
/ Frame 7D85 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee77bb25da8f55be30d21868308413e3d8a0b097d4193e4d2fb4477d284374f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7D85 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://api.vadoo.tv
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 fp.min.js Show response
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/ Frame 7D85 31 KB
13 KB 12ms
12ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 30841
x-jsd-version: 3.3.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 12950
etag: W/"7bda-6e3Kg5ngt2AnGXK7N79XP7Iku90"
x-served-by: cache-fra19182-FRA, cache-hhn4070-HHN
x-jsd-version-type: version
date: Fri, 24 Sep 2021 12:01:24 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK add_view Show response
dev.vadoo.tv/ Frame 2938 4 B
236 B 596ms
337ms XHR
text/html 65.2.77.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.vadoo.tv/add_view
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.2.77.87 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-65-2-77-87.ap-south-1.compute.amazonaws.com
Software: openresty/1.19.3.1 /
Resource Hash: 11a6767d5674c7e45f7e00dc525762275b3a48491ad6045427d2609cc496c516

Request headers

Referer: https://api.vadoo.tv/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://api.vadoo.tv
Date: Fri, 24 Sep 2021 12:01:24 GMT
Server: openresty/1.19.3.1
Connection: keep-alive
Content-Length: 4
Vary: Origin
Content-Type: text/html; charset=utf-8

GET
H2 200 JXA5rlO7UBP7mOjckVGGtxRO8PUhey1u.png
image.vadoo.tv/Timothy_b25fd62f-4ab2-4100-8e3a-98e924e3d699/store_images/U6V4I4DnB9hV-7wggYwMKxVhjuSDAfns_oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ/ Frame 2938 14 KB
15 KB 481ms
481ms Image
binary/octet-stream 143.204.98.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.vadoo.tv/Timothy_b25fd62f-4ab2-4100-8e3a-98e924e3d699/store_images/U6V4I4DnB9hV-7wggYwMKxVhjuSDAfns_oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ/JXA5rlO7UBP7mOjckVGGtxRO8PUhey1u.png
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-11.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262a85dfb9857b0ae6b4be9eabf7c707e4fe6a9f6f214735b58dfb49751d345c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:25 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Fri, 30 Apr 2021 17:34:59 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: "2ba4f5c8458069fc3c58cff6b73c4852"
x-cache: Miss from cloudfront
x-amz-version-id: null
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 14524
x-amz-cf-id: 8ZMj12iUuIJutOGboelsoUKjOQyM-w6He9b-brtpAK4crYpfl0Bjbg==

GET
H2 200 fp.min.js Show response
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/ Frame 2938 31 KB
13 KB 13ms
13ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js

Requested by

Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 30841
x-jsd-version: 3.3.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 12950
etag: W/"7bda-6e3Kg5ngt2AnGXK7N79XP7Iku90"
x-served-by: cache-fra19182-FRA, cache-hhn4070-HHN
x-jsd-version-type: version
date: Fri, 24 Sep 2021 12:01:24 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 thumbnail.gif
vadooimages.vadoo.tv/Timothy_b25fd62f-4ab2-4100-8e3a-98e924e3d699/videos/oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ/HLS/ Frame 2938 4 MB
4 MB 73ms
73ms Image
binary/octet-stream 143.204.98.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vadooimages.vadoo.tv/Timothy_b25fd62f-4ab2-4100-8e3a-98e924e3d699/videos/oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ/HLS/thumbnail.gif
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a282f4c711b2b8eb0852622fc510aca2c5686050f08d6a6d4077dbb1b7c314ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.vadoo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Sat, 17 Apr 2021 21:36:32 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: "930c5de9295c0f52438c279712a8ebd8"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 4577492
x-amz-cf-id: Avof7cuqarKYZZCf9SM09nd0d0fCGkrfyBjQfEh0Fxu0iuZmpL1qWA==

GET
DATA 200
OK truncated
/ Frame 2938 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee77bb25da8f55be30d21868308413e3d8a0b097d4193e4d2fb4477d284374f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2938 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://api.vadoo.tv
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
BLOB 200
OK afbce595-9206-44b9-842b-13c17c62b7c6
https://api.vadoo.tv/ Frame 7D85 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://api.vadoo.tv/afbce595-9206-44b9-842b-13c17c62b7c6
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c64622f43e20b8c2838f94b33f7c5efc52111e73fad0cd0d3a7f9913b959d712

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 5534
Content-Type: application/javascript

GET
BLOB 200
OK 562120eb-d715-4e35-bd4e-dd9fdf0a0a0b
https://api.vadoo.tv/ Frame 7D85 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://api.vadoo.tv/562120eb-d715-4e35-bd4e-dd9fdf0a0a0b
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2ddab6458b1b34f5f9b2e8638bbe16fd50f83dfbc244128bdacc75c1a2dba98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 78186
Content-Type: application/javascript

GET
BLOB 200
OK d46c0473-2f85-43f1-8cf2-67b757bec69b
https://api.vadoo.tv/ Frame 7D85 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://api.vadoo.tv/d46c0473-2f85-43f1-8cf2-67b757bec69b
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=HgCTAP97xMt3Q204FJ0lwIBZOHcmOv1y
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2ddab6458b1b34f5f9b2e8638bbe16fd50f83dfbc244128bdacc75c1a2dba98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 78186
Content-Type: application/javascript

GET
BLOB 200
OK 26a8595c-7377-431c-8777-e83173bb7f56
https://api.vadoo.tv/ Frame 2938 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://api.vadoo.tv/26a8595c-7377-431c-8777-e83173bb7f56
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c64622f43e20b8c2838f94b33f7c5efc52111e73fad0cd0d3a7f9913b959d712

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 5534
Content-Type: application/javascript

GET
BLOB 200
OK ea83b6d8-d98f-43d3-ba69-9a198907fade
https://api.vadoo.tv/ Frame 2938 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://api.vadoo.tv/ea83b6d8-d98f-43d3-ba69-9a198907fade
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2ddab6458b1b34f5f9b2e8638bbe16fd50f83dfbc244128bdacc75c1a2dba98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 78186
Content-Type: application/javascript

GET
BLOB 200
OK ce0d441a-85fd-45d2-8387-d6b58da7e656
https://api.vadoo.tv/ Frame 2938 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://api.vadoo.tv/ce0d441a-85fd-45d2-8387-d6b58da7e656
Requested by: Host: api.vadoo.tv
URL: https://api.vadoo.tv/iframe_test?id=oFng6t7sv3oEyAXGfNmRdMnjKrpeReDJ
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2ddab6458b1b34f5f9b2e8638bbe16fd50f83dfbc244128bdacc75c1a2dba98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 78186
Content-Type: application/javascript

GET
H2 200 main.bc291327.js.gz Show response
widget.paldesk.io/p/static/js/ Frame 13F6 1 MB
267 KB 35ms
7ms Script
application/javascript 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.paldesk.io/p/static/js/main.bc291327.js.gz?888
Requested by: Host: paldesk.io
URL: https://paldesk.io/api/widget-client?apiKey=41f15bbd4e89dc8057712a4f33f825f0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a978a83bf04a7ea22c7de2e5249cb6a0617d132b8eeed87bec099085be7aa2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 19:08:05 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 06:13:52 GMT
server: AmazonS3
age: 60859
etag: "8ab72ea8048292e07eec96819e23f602"
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 272519
x-amz-cf-id: M0qXn0cJpvY72CYgQBi4FOKnlbT8-oT7Ztjy0LnbBaWOz_yORvhB5w==

GET
H3 200 /
www.facebook.com/tr/ Frame 142C 44 B
88 B 7ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=782648399035086&ev=Microdata&dl=https%3A%2F%2Fkingsumo.com%2F%2Fg%2Fddvftm%2Fyasha-ahayah-scriptures-pdf-giveaway%3Fe%3Dhttps%253A%252F%252Fmoney.faith%252F%26utm_source%3Dhttps%253A%252F%252Fmoney.faith%252F%26utm_campaign%3Dembed&rl=https%3A%2F%2Fmoney.faith%2F&if=true&ts=1632484884642&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Yasha%20Ahayah%20Scriptures%20PDF%20Giveaway!%22%2C%22meta%3Adescription%22%3A%22Yasha%20Ahayah%20Scriptures%20PDF%20Giveaway!%20by%20Ahayah%20Assembly%20(Church).%20Hosted%20by%20KingSumo%20Giveaways%22%2C%22meta%3Akeywords%22%3A%22viral%20giveaways%2C%20online%20marketing%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Yasha%20Ahayah%20Scriptures%20PDF%20Giveaway!%22%2C%22og%3Adescription%22%3A%22Yasha%20Ahayah%20Scriptures%20PDF%20Giveaway!%20by%20Ahayah%20Assembly%20(Church).%20Hosted%20by%20KingSumo%20Giveaways%22%2C%22og%3Aurl%22%3A%22%2F%2Fg%2Fddvftm%2Fyasha-ahayah-scriptures-pdf-giveaway%22%2C%22og%3Asite_name%22%3A%22KingSumo%20Giveaways%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fkingsumowebapp.b-cdn.net%2Fgiveaways%2FTXZDA6lASvsB7n8vWpamVgKR7xMEG7q9INqXXnkS182399%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.46&r=stable&ec=1&o=30&it=1632484883809&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 24 Sep 2021 12:01:24 GMT

GET
H3 200 login_button.php Show response
www.facebook.com/v2.12/plugins/ Frame 1637 31 KB
12 KB 76ms
75ms Document
text/html 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/login_button.php?app_id=410195246098431&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdc190faf1384c%26domain%3Dkingsumo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkingsumo.com%252Ff3049cb8c79e3e4%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey&size=large&use_continue_as=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=800943a6ea347996a6afde4af5c0a724

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

221715224af4f2d6df020f982eb8e2e9c3af89092a81201c8ba74c3c93bd3225

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.12/plugins/login_button.php?app_id=410195246098431&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdc190faf1384c%26domain%3Dkingsumo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkingsumo.com%252Ff3049cb8c79e3e4%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey&size=large&use_continue_as=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kingsumo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kingsumo.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v4.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 9AkG4VsJbh0XYbEYHR/NmpO12B83upjDjp36lhP8k6BQs67nxyJiMVRT/ESbk24aWWxaIxwM3Wbw3bU8pd/OBQ==
date: Fri, 24 Sep 2021 12:01:24 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 szGrb_tkxMW.png
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame 1637 575 B
1 KB 7ms
6ms Image
image/png 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/szGrb_tkxMW.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/login_button.php?app_id=410195246098431&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdc190faf1384c%26domain%3Dkingsumo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkingsumo.com%252Ff3049cb8c79e3e4%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey&size=large&use_continue_as=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

cc13312ee3b6502a952a55e249a3a71bcf95da36b45593ab8cab48d0d07275e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
x-content-type-options: nosniff
content-md5: BjQ+A4BaldazZ9XlN+UhuA==
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 575
x-fb-rlafr: 0
x-fb-debug: FvuUleTCABR2QS2F2pIsNo0wRM8nUwIumlw7e/QCidjGmY+pYKBdBuujI5KfpZT1fJFRfR9uhMV5yP3zJikaBQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 14 Sep 2022 03:00:05 GMT

GET
H2 200 01oFnvEH9_C.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yO/l/en_US/ Frame 1637 513 KB
136 KB 8ms
8ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yO/l/en_US/01oFnvEH9_C.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

59603bb26e917513438811cb8bb3d032fb3316a11e9669df74001d64b1a6d2cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9KTDfPS534j82HNrc+KKZg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 138692
x-fb-rlafr: 0
x-fb-debug: Fg4Srm+vpbEXvnarU12IEA3y2BxD+phl8IQ/5oBvO+wQLrN7nzLg6pzxgOCIJTQpdlyh0wFEOLDDVawWHIVtkA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 23 Sep 2022 21:51:35 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/platform/ Frame 1637 67 B
98 B 49ms
48ms Image
image/png 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/platform/cavalry_endpoint.php?t_cstart=1632484884781&t_start=1632484884781&t_domcontent=1632484884790&t_layout=1632484884837&t_onload=1632484884837&t_paint=1632484884837&t_creport=1632484884837&t_tti=1632484884790&lid=7011469188299344554-0

Requested by

Host: kingsumo.com
URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.12/plugins/login_button.php?app_id=410195246098431&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfdc190faf1384c%26domain%3Dkingsumo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkingsumo.com%252Ff3049cb8c79e3e4%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey&size=large&use_continue_as=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: UGk1/0lcS8xD6ULt6QnXBB9IYoem69UG22bCbe9p9eaMT/8K/Rz2tF9d4mj0TpoXg0t3RzYd+XIwP4VnMOOuUg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Sep 2021 12:01:24 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 icomoon.cdbdb88e.ttf
widget.paldesk.io/p/static/media/ Frame 617D 10 KB
11 KB 143ms
142ms Font
font/ttf 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.paldesk.io/p/static/media/icomoon.cdbdb88e.ttf
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d4be278f5fae26a60a4f51abbdfd9e4f2f3718d94140718ba14ca45b21380d7

Request headers

Referer: https://money.faith/
Origin: https://money.faith
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:26 GMT
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
last-modified: Fri, 13 Aug 2021 06:13:48 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: "cdbdb88e7389f8aa49abcab6c2fbaf67"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: font/ttf
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 10664
x-amz-cf-id: jpcoA1xusD05NNLE3_XNBZu08wpOZsD3jJex6qELzgjDj_4qAH20YA==

GET
H2 200 Roboto-Medium.99fc0816.ttf
widget.paldesk.io/p/static/media/ Frame 617D 134 KB
135 KB 146ms
146ms Font
font/ttf 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.paldesk.io/p/static/media/Roboto-Medium.99fc0816.ttf
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0c8f44a774b8490ceee29889cdabc72381fa35fb621619a78fd28211d90241c

Request headers

Referer: https://money.faith/
Origin: https://money.faith
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:01:26 GMT
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
last-modified: Fri, 13 Aug 2021 06:13:50 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: "99fc0816a09395454061301fefa42bf1"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: font/ttf
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 137308
x-amz-cf-id: 4gLn9H6eujBvk56JelcFNJg_2N8qeWr_nkmovfAb_Si3uD0NfSpK5A==

GET
H2 206 plucky.4cabacf6.mp3
widget.paldesk.io/p/static/media/ Frame 13F6 8 KB
9 KB 11ms
11ms Media
audio/mp3 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.paldesk.io/p/static/media/plucky.4cabacf6.mp3
Requested by: Host: money.faith
URL: https://money.faith/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd9b47e2c02395ae531b94e9329b2eca6c1feeb381b289d676b3a42f2dc2f448

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 24 Sep 2021 03:42:41 GMT
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified: Fri, 13 Aug 2021 06:13:47 GMT
server: AmazonS3
age: 29925
etag: "4cabacf64936db659c9969a0a09c0787"
x-edge-origin-shield-skipped: 0
content-type: audio/mp3
Content-Range: bytes 0-8402/8403
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
Content-Length: 8403
x-amz-cf-id: o0CAF1ovDIyMSz9NlxrwMpRI4_d3dkwy7HeZ8bQEl_LKpNPfO_Lv5Q==

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.money.faith/	1970-01-20 14:59:16	Name: _ga Value: GA1.2.1470009986.1632484883
.money.faith/	1970-01-19 21:29:31	Name: _gid Value: GA1.2.1998601514.1632484883
.money.faith/	1970-01-19 21:28:04	Name: _gat Value: 1
money.faith/	1970-01-20 06:54:00	Name: _pk_id.4.6493 Value: 424b0916a6cb0461.1632484883.1.1632484883.1632484883.
money.faith/	1970-01-19 21:28:06	Name: _pk_ses.4.6493 Value: 1
kingsumo.com/	1970-01-19 21:29:31	Name: XSRF-TOKEN Value: eyJpdiI6IlRTckFXdlwvUTFIcE1lK0JlWFQ3K2p3PT0iLCJ2YWx1ZSI6InZHZXpDYXFJQXg4aGMxb3pwcHVyXC8zQUwyZUcyTXk1NDZ5RjNrblwvOUZPa0hFem1BaHNKNzJYZE5sOFE5QldTVyIsIm1hYyI6Ijk3M2RkMzY0NDJiNGMyNzBlMWFhNzAwMTNhMmI2MzBlZDgyMWI5ODU0NDg5OWM3MzFkNzQ3MDMxNGMzYTBhNjQifQ%3D%3D
kingsumo.com/	1970-01-19 21:29:31	Name: kingsumo_session__ Value: eyJpdiI6IlwvV1hEeHlNVG5rbFdaaCtOT085NEl3PT0iLCJ2YWx1ZSI6Inh1XC84NHgxUEpWcGQwbjlcLzBJVm1oVXk2ZHlzbDlZa3BLN05FaUZvMnlqQjJDUW51MFNVVWN6dnByT2Y2dnVlSSIsIm1hYyI6IjQxZjUxNmMwMWMxMzdjZDUyMWJjNTM0OTQ4ZGU1ZjI0MGVjNTgzNDYwZmQyYzhmMThiNWQzYmVjNTliNTZhZmIifQ%3D%3D
money.faith/	1969-12-31 23:59:59	Name: hasVisitedPopupPage Value: true
money.faith/	1970-01-19 21:38:09	Name: visit_cnt_41f15bbd4e89dc8057712a4f33f825f0 Value: MQ==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://kingsumo.com//g/ddvftm/yasha-ahayah-scriptures-pdf-giveaway?e=https%3A%2F%2Fmoney.faith%2F&utm_source=https%3A%2F%2Fmoney.faith%2F&utm_campaign=embed(Line 165) Message: Blocked autofocusing on a <input> element in a cross-origin subframe.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.vadoo.tv
app.groove.cm
assets.grooveapps.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
dev.vadoo.tv
fonts.googleapis.com
fonts.gstatic.com
image.vadoo.tv
js.sentry-cdn.com
ka-f.fontawesome.com
kingsumo.b-cdn.net
kingsumo.com
kingsumowebapp.b-cdn.net
kit.fontawesome.com
matomo.groovetech.io
maxcdn.bootstrapcdn.com
money.faith
paldesk-stats.herokuapp.com
paldesk.io
static.vadoo.tv
static.xx.fbcdn.net
translate.google.com
translate.googleapis.com
unpkg.com
vadooimages.vadoo.tv
widget.paldesk.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.unpkg.com
104.16.124.175
104.16.125.175
104.16.19.94
104.18.10.207
104.18.21.180
104.18.23.52
104.21.81.131
142.250.184.200
142.250.184.238
142.250.185.206
142.250.185.234
142.250.185.74
142.250.186.35
143.204.98.103
143.204.98.107
143.204.98.11
143.204.98.72
151.101.129.229
151.101.194.217
172.217.23.99
172.67.139.13
172.67.210.92
3.6.240.150
31.13.92.14
31.13.92.36
34.241.115.67
51.161.92.183
52.34.133.113
54.91.6.89
65.2.77.87
89.187.169.47
0801447807f2d646c9e78ec7b73012396ad70b5620994d5b64bfcabb72db019f
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
0abffe0768d60d00efc54d38297110f302455579dfd0d7ea5a531ff0f5ccac59
0becbabe8d82a70b1fa118a53e285850707b60c68faa895b544abad5938a0294
0d3e52b6070cc501b569db924ab163bbfb79adcfd31574fd3c46b3dd44c25adb
0ea4a8d04b4b5174a527d8a1986656d045eae3cc3dc4eb32447ce750ddaa3f9c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11a6767d5674c7e45f7e00dc525762275b3a48491ad6045427d2609cc496c516
16d9f630318a24117d933d7437087728d5aee371795ea3284f646f47c32f35f5
1a52040f550b42d12e69ce0d8938e5d34e703682acda505b755b62b7bcd955ac
1add0e4f52ffe0ac7d47a5e0ff5f99b5fdd8c80905eaec0abddd916b707c146d
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1bb386d5a4bc65df4acf335a8a66e97275690a618925a5305e87d185f3f6a939
1d4be278f5fae26a60a4f51abbdfd9e4f2f3718d94140718ba14ca45b21380d7
221715224af4f2d6df020f982eb8e2e9c3af89092a81201c8ba74c3c93bd3225
23390b122416fed304e402b9355cde31c8462d5d3ab46ac0ccb0ff0bb9f28300
262a85dfb9857b0ae6b4be9eabf7c707e4fe6a9f6f214735b58dfb49751d345c
273e9cd5ec1ba6a73257a105c8b71cbb3810e0d455e9ed3cd51024efaa9b39b5
29d511d7acfe365b091a2e8d59d113e51b547653da370eab49b9f7f30586e5a5
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1
312d73283bc5da1ed1f5c3f77feea6364a09b04e18750c58de00e3c891a31f23
328d898ef6213adc3017530620893ba9a9949753593c99ee857319d4a4918852
32f4560596d4ecabf78b0ba04e9cf9f1d2fed7a42dd1294cb3cc7d228b3c261c
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
37ced0c5c3d579b06f715823a949e25f6ae6ec0a73beb4f83dcc6d6b69f9be61
387521ff9df5b700c157e683da4c2885534a95f1e90e7d54992728b8a788a647
38d59f77c0674f47ebcf18f33ae90eeb2ffb6c734319f3f77165a63bcb7d71b8
38e837fcb23246c0615dbae061d8a3ba30ea4c17a41de227177184741d56886f
3de58a5f760c1e0a73aa2ddc2e549e1e3cbf713ab0e6e4788f2ce31f06a2b220
47a9dac45eb5d5947c5ab8f57d56dbb2c8d1c5b43dce0ce78d578a87ed21afbc
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
4a978a83bf04a7ea22c7de2e5249cb6a0617d132b8eeed87bec099085be7aa2b
4d29119a7333f0747faca59fdd1ba8480b18b42a1c11afb112f2aadef7023f81
4e15faf9a737253797fef5fc1fc265a36868625fb1935c4f9fba527e37eecb2b
50084de771e53f6d51b54dca86a987e5fd7ab79caba2aafecf21a6f5935edd3d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554e57d8db81e52bc9272013575e203896892e27967f2d70b2f3746052255283
561543661447db71370297d82706f3ff6658ff19adbf9fd97ec9fe9abb94635c
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
5949002a116a1582e56d4b4ddc5a6263f24087df3945c9ad2dbc5f6c54578ae4
59603bb26e917513438811cb8bb3d032fb3316a11e9669df74001d64b1a6d2cf
5a0c239a737f99f8eccb6adcf08288b0296fa5cbb1ff6b7170f98306cee0c3f2
5b99e9d59277dbd2407aec935502e3472c57278385b1f8a59148627aa671fb28
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
65c50eb752da5bd01d7f464264925d7a110c60c927345b4d6763347ea550faca
68a6c788c7fecfdfc924d45eb5ee870312e8cdd3bb682158cc7f0f4b81fd5047
68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946
690a84c6d3ae831523ae822e974427a4ec344ca80964fdd200dd1881b4dd70d9
6a2d7107145aecb2ee97d824f1a27662ec2c47245e91f631a6abc4378939dba3
6cf688d07b8dd085f8f1eeadfd93c653caa2f679dbb30a5e64fe55fde212a214
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
70957642d8e07587cbbb514b1718db9cbccafdb211e6c272e9c8df5b5cb4da8f
718fb21468700319da77d6d67b1b392f61444c53d110241653b652d0da16d9f2
71fd350f205136634c080ecc5d0f10423e6424919d35337ef49d23a3b1abbc10
730c4b8e44785206b013991057d7c1835a6874607dd5d685db9b4562ef34084b
737f58a54373c1aa49d507b05f690cddc0a8f4794047a345b4a653aa1b945dc6
78f6c000c96b9a92f983985beb21505973b1cc801087ca8c4db8a7b767804179
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
87b6419f64939b8b29786c254e83d68a4c5f4b7be01e791ce9b478541442022b
87e070f0e9784bf33ffa12691316e78cbd1954752e9bdbf4f42f926edfdbed65
8cc889a677f0ec27b0cdca752c68162e103ecff62e718b4a2e42ff5f726b2f42
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
93c59c00378a6bd85636cfef61601a7010ebfb34cf8a88e7216242060cc384bf
98bd92c3f6c9f0a518424c9e33f4b6a74629cba08cd178af6ae61563bf0abad8
9e50096d5b945319f648f91d352d2ee29d39d9d9af2ceb3706085f636cfd918d
9e995dbe708e7e2172086fe25b676cf88b25113006c26591242a4bb2708a99f6
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a11a70e78cf03019d54774a9181296fb1ea1777d78144ec060b37aeeed050901
a282f4c711b2b8eb0852622fc510aca2c5686050f08d6a6d4077dbb1b7c314ab
a2a6daaa1ab502ed0c962951a3c92b5c3415264e024dc2d46d65908ef48a1553
a31f3b659e4ad0233d740899658f7080712f25a4f2241eabfe9b73573f26ee46
a52b921c6e8a46222fd342ad6262de47895a963f49cbe589d3f1a20d44248950
a8d7fb0ecaa755024d3d26dcccfc88a4617abe9c2c080994668ccacc582a472b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af55d34a07b81e2a9b3489739444f5474d88734d73ccde31266876fc6694b2e9
b6598809d51d1059d62600969f5e91ff682b7e01d574dbcd7f7cef940076fcd0
b8ce1187748d3d0e4f5799f7fdd2548295c9b935d7a3278f99bbb5184176e27c
b9804e687f473346e2d0805878295278bc3c158ce2e31c48b623dadc882d8424
b9c5385fe2a7178bca062410e40f687d8656be20d0db09643c1df7eef914a4a5
b9ef29aa4d5954f0d6dcac8981e1ef64411967a233fc851f087a191f93688c74
bb226fe3a4b91e702645a9712a73b5b0e919d872c90dd9371dd1096bcb6a7967
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb8a74896b23a167b5669b0ecb26100b9295145fdd5a71e08df836638af23061
bca59a6bd087a918e0737305bcde9864d60163de29147402583f71e8b9ae5328
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3e7f02d1150892a4676566c5bc18aa873d816024deeabb1f810a7d5966d2543
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c64622f43e20b8c2838f94b33f7c5efc52111e73fad0cd0d3a7f9913b959d712
c7141e7114d466207e5a0108c2eb813996a7fa35fa1a4d1326cf486506cf6821
c87902daa8ba3f455122e60a20ca71f5e62bd030a458482122c3259823a69fec
cc13312ee3b6502a952a55e249a3a71bcf95da36b45593ab8cab48d0d07275e6
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0c8f44a774b8490ceee29889cdabc72381fa35fb621619a78fd28211d90241c
d219bf9a2d57902584db8194f2d8f6fbd0b939d214884fb3baa9db737d1abd91
d24a723838a981c927acd2f6e53f538756ecc542dcad090e44a7c6814f2f3bad
d2967ac469b76333acfbd4cedf26804bcd98f3fab8488eede39accdbdfc45f06
d78eee5e147ece6afe84fb611720089981207201aa90588a682758f13fb2eac1
d832057e736a2ea95dc18df1e96862cbf133904fe6591391cbbe29e4eb199405
dd8ef617dcea02d6fa605ecbddc1fa4471e7352982451217417a736b0869c3f3
dd9b47e2c02395ae531b94e9329b2eca6c1feeb381b289d676b3a42f2dc2f448
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8922cc1edcd97cab510018cc5e92ec9c549f29e3fe341be4791f2bc011a0ac1
e8c81ea0cd535a4740ac82e0c1337ac43cb517b8e4f646d8f340b3f40804b19b
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ee77bb25da8f55be30d21868308413e3d8a0b097d4193e4d2fb4477d284374f7
f2ddab6458b1b34f5f9b2e8638bbe16fd50f83dfbc244128bdacc75c1a2dba98
f6a258673238b47f8862802e2e6c2226cc3539559b5a194015e92b9d4839a78d
f72db5baeaf6cc741aa905bbeb3be259f063361347236c3c70cc0e4276c5e10d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa517fb783833eeb261722b1a04a11374163f89ff9f760ef87b8e600cd9e1e32
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fc8201c76a7d9ddb07434377fc4b265eb9d79268059a99ea8b868c9b78c35f2c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd4beb82f9d3d0636eb2ef88fefe4504077a2f2e0a74380ad2f011692d9ae80d

money.faith Open in urlscan Pro 172.67.210.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

146 Requests

96 %HTTPS

0 %IPv6

23 Domains

33 Subdomains

33 IPs

6 Countries

15350 kBTransfer

22393 kBSize

9 Cookies

48 Outgoing links

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

money.faith Open in urlscan Pro
172.67.210.92 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

96 %
HTTPS

0 %
IPv6

23
Domains

33
Subdomains

33
IPs

6
Countries

15350 kB
Transfer

22393 kB
Size

9
Cookies

146 HTTP transactions
5 data transactions