urlscan.io logo urlscan.io
SecurityTrails logo

gptfims.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://gptfims.com/filmid-1008042.html
Submission: On November 23 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 29 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is gptfims.com.
TLS certificate: Issued by E1 on November 18th 2023. Valid for: 3 months.
This is the only time gptfims.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
gptfims.com
1    23.109.87.217 (Netherlands)

ASN7979 (SERVERS-COM, US)
tsarkinds.com
1    2600:9000:225e:de00:14:41bb:de80:93a1 (United States)

ASN16509 (AMAZON-02, US)
image.tmdb.org
6    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
t0.gstatic.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t1.gstatic.com
2    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t2.gstatic.com
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t3.gstatic.com
1    2606:4700:3034::6815:24c2 (United States)

ASN13335 (CLOUDFLARENET, US)
im.motiomovie.xyz
3    2606:4700:3033::ac43:b7b4 (United States)

ASN13335 (CLOUDFLARENET, US)
streamlook.me
3    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
i.streamlook.xyz
2    2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
widgets.amung.us
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
9 gptfims.com
gptfims.com
132 KB
6 gstatic.com
t0.gstatic.com
t1.gstatic.com
t2.gstatic.com
t3.gstatic.com
fonts.gstatic.com
37 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
884 B
3 streamlook.xyz
i.streamlook.xyz
3 streamlook.me
streamlook.me
959 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com — Cisco Umbrella Rank: 364
31 KB
2 amung.us
whos.amung.us — Cisco Umbrella Rank: 16137
widgets.amung.us — Cisco Umbrella Rank: 28950
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
2 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
251 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
91 KB
1 motiomovie.xyz
im.motiomovie.xyz
29 KB
1 tmdb.org
image.tmdb.org — Cisco Umbrella Rank: 20669
9 KB
1 tsarkinds.com
tsarkinds.com
1 KB
29 14
Domain Requested by
9 gptfims.com gptfims.com
5 www.google.com 5 redirects
3 i.streamlook.xyz gptfims.com
3 streamlook.me 3 redirects
2 connect.facebook.net gptfims.com
connect.facebook.net
2 t2.gstatic.com gptfims.com
1 www.facebook.com connect.facebook.net
1 region1.google-analytics.com www.googletagmanager.com
1 ajax.googleapis.com gptfims.com
1 www.googletagmanager.com gptfims.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com gptfims.com
1 widgets.amung.us gptfims.com
1 whos.amung.us 1 redirects
1 im.motiomovie.xyz gptfims.com
1 t3.gstatic.com gptfims.com
1 t1.gstatic.com gptfims.com
1 t0.gstatic.com gptfims.com
1 image.tmdb.org gptfims.com
1 tsarkinds.com gptfims.com
29 20
Subject Issuer Validity Valid
gptfims.com
E1		 2023-11-18 -
2024-02-16		 3 months crt.sh
tsarkinds.com
R3		 2023-11-05 -
2024-02-03		 3 months crt.sh
*.tmdb.org
Amazon RSA 2048 M03		 2023-10-23 -
2024-11-20		 a year crt.sh
motiomovie.xyz
GTS CA 1P5		 2023-10-21 -
2024-01-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-01 -
2023-11-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://gptfims.com/filmid-1008042.html
Frame ID: D350E9BA3A9E840F7759E752AD19BD08
Requests: 28 HTTP requests in this frame

Frame: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1466141dac5be4%26domain%3Dgptfims.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgptfims.com%252Ff2418ff598ca8ec%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fstreamlook&layout=box_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Frame ID: 93E6506362353E2F7A21057CF66D3301
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Talk to Me 2023 streaming vf - GPTfims

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <[^>]+class="[^"]*(?:uk-container|uk-section)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

69 %
HTTPS

94 %
IPv6

14
Domains

20
Subdomains

17
IPs

3
Countries

423 kB
Transfer

1052 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://www.google.com/s2/favicons?sz=44&domain_url=Streamzook.com HTTP 301
  • https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://Streamzook.com&size=44
Request Chain 7
  • https://www.google.com/s2/favicons?sz=44&domain_url=univer-telechargement.xyz HTTP 301
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://univer-telechargement.xyz&size=44
Request Chain 8
  • https://www.google.com/s2/favicons?sz=44&domain_url=allostreaming.one HTTP 301
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://allostreaming.one&size=44
Request Chain 9
  • https://www.google.com/s2/favicons?sz=44&domain_url=ipnstreaming.click HTTP 301
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ipnstreaming.click&size=44
Request Chain 10
  • https://www.google.com/s2/favicons?sz=44&domain_url=flux.streambox.club HTTP 301
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://flux.streambox.club&size=44
Request Chain 12
  • https://streamlook.me/themes/default/assets/flags/United%20States%20of%20America.png HTTP 301
  • https://i.streamlook.xyz/
Request Chain 13
  • https://streamlook.me/themes/default/assets/flags/France.png HTTP 301
  • https://i.streamlook.xyz/
Request Chain 14
  • https://streamlook.me/themes/default/assets/flags/South%20Korea.png HTTP 301
  • https://i.streamlook.xyz/
Request Chain 15
  • https://whos.amung.us/widget/filmtubelive.png HTTP 307
  • https://widgets.amung.us/classic/00/39.png

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request filmid-1008042.html
gptfims.com/ 		68 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gptfims.com/filmid-1008042.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f13d7105c0d8f9f58bcbf3caf27d98358f55cea70469738e066f00ac703cf9f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82a5dc50af0a9c0a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 02:07:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUg%2BOasclHT6%2F699yuUn%2F6oDuD5CcsSwi7lNG1kivVbjG7RGBEdGslL2c%2FmiC2U9PfqQOmeCdrY283kgOcPS98zM9FlWA9wITK9bD1IjpHtHeRjPHuinf2Ov2tGBrMJjOQ4SOWZIIHCXFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-cache
MISS
uikit.min.css
gptfims.com/skin/phim98/assets/css/ 		118 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gptfims.com/skin/phim98/assets/css/uikit.min.css
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7aa0dfc05cc04f6fc4cb33349134266fe877c996130d0ec8e9ac028ad3da18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/filmid-1008042.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:07:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22744
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 22 Nov 2023 11:37:10 GMT
server
cloudflare
etag
W/"655de7e6-1d9ce"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tm%2FDSdUNvpyNkiLea4rVhJllGVX%2FW1zA2BeEza%2Bu8r3NA0cR%2BWHyDtHbL0cg%2BMXXxaRBWQmMUihgnlkuOtZ5OlcDegtkUTACEOO0ChC4zvecCny9NfjBjBjpGMUcl4c2oJkwx20zVHl9Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
82a5dc51afa19c0a-FRA
expires
Thu, 23 Nov 2023 07:37:27 GMT
featherlight.css
gptfims.com/skin/phim98/assets/css/ 		1 KB
923 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gptfims.com/skin/phim98/assets/css/featherlight.css
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71c6b127bd70659c84b8a06d8f363f212f1f838ae1bd679ae0dc87abac6c4592

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/filmid-1008042.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:07:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22744
cf-polished
origSize=3295
x-cache
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 22 Nov 2023 11:37:10 GMT
server
cloudflare
etag
W/"655de7e6-cdf"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeRwvyhSokhpDWTFrJtaVlSiT810xBWtmdVz8W9n3%2BRKcLYlUriLFSVNiMZ8nMnCh0WXMcjm%2BEIuGytJIQNsPU6SFR0mVINttVuv2TBZvSylSvAfiGGYGIJqiEGa0Z5x3%2FcoFtyV2aFocQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
82a5dc51afa29c0a-FRA
expires
Thu, 23 Nov 2023 07:36:25 GMT
jquery.dropdown.min.css
gptfims.com/skin/phim98/assets/css/ 		2 KB
788 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gptfims.com/skin/phim98/assets/css/jquery.dropdown.min.css
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39937253377a13d4e688a43eec499edc23e530832de6b771edffd8dd329d8f93

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/filmid-1008042.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:07:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22744
x-cache
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 22 Nov 2023 11:37:10 GMT
server
cloudflare
etag
W/"655de7e6-651"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BYzY%2F1xEUl%2Fs78cvuzduDD8XFjcMK823GSBpjh4xjziCqdV73ow5JrhUqqQCLWyvJvvMpnMcOrF0S97GLtHifIj%2B0aiZ8108sPre0tqvGnc8vD0AP%2FDBUGL9ls9d%2BwLS5yViY5nyn5Oow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
82a5dc51afa39c0a-FRA
expires
Thu, 23 Nov 2023 07:37:27 GMT
theme.css
gptfims.com/skin/phim98/assets/css/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gptfims.com/skin/phim98/assets/css/theme.css
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985225b8af82b37cb5310eda8b563bb761fff883f0807c93ea811ae8cd475cb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/filmid-1008042.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:07:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22744
cf-polished
origSize=37623
x-cache
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 22 Nov 2023 11:37:10 GMT
server
cloudflare
etag
W/"655de7e6-92f7"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttOQ8h4n7K73gwKLfcvWKZ9%2FGHtb1AboPHxQ2ayCwlXbtTILrMI8AY1IX6vqe%2Bz%2Bl4mmtvCrQYQq9E9ZWyyyhFuDDIqJKhWg7eDuwQR1c9mhyAuEebQ5Y7KzNOOD1Ddod46KCGH3q42pBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
82a5dc51afa49c0a-FRA
expires
Thu, 23 Nov 2023 07:37:27 GMT
37966
tsarkinds.com/frq7jexWEDT91z/ 		6 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tsarkinds.com/frq7jexWEDT91z/37966
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.87.217 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 02:07:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://gptfims.com
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Vary
Accept-Encoding
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
wFtk4YED1WZ8UIbAqIlqzEMHPoy.jpg
image.tmdb.org/t/p/w185/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.tmdb.org/t/p/w185/wFtk4YED1WZ8UIbAqIlqzEMHPoy.jpg
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:de00:14:41bb:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
7e28b448af2d7e9aedccd778ed147b95e39f75a8cdd2cd78860744866cfa6043

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:48:30 GMT
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
670756
x-cache
Hit from cloudfront
cache-tag
wFtk4YED1WZ8UIbAqIlqzEMHPoy
imagery
degrade=75, sample=1x1, difference=2.052
alt-svc
h3=":443"; ma=86400
content-length
8340
last-modified
Tue, 24 Jan 2023 04:17:49 GMT
server
openresty
etag
"7d58de8ace89464872333b7968967608"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-id
Mdln95JsYHmjhetiZ3r30xLMYFQRJWGhVdbdFGLJ4J2Ve6ElJRipUQ==
faviconV2
t0.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?sz=44&domain_url=Streamzook.com
  • https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://Streamzook.com&size=44
327 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://Streamzook.com&size=44
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76471b12672d768dc65232782d7b357903a3184ffb6400fe9add7d6815531ae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 19:21:18 GMT
x-content-type-options
nosniff
age
542789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
327
x-xss-protection
0
last-modified
Wed, 29 Nov 2017 12:34:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://streamloock.com/assets/favicons/favicon-16x16.png
expires
Thu, 23 Nov 2023 19:21:18 GMT

Redirect headers

date
Thu, 23 Nov 2023 02:07:47 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://Streamzook.com&size=44
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Thu, 23 Nov 2023 02:37:47 GMT
faviconV2
t1.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?sz=44&domain_url=univer-telechargement.xyz
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://univer-telechargement.xyz&size=44
551 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://univer-telechargement.xyz&size=44
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e8d0e011db64732cc81f03c09968d4a85c32bef9f53c5ae2c09c5628bc42618
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:24:51 GMT
x-content-type-options
nosniff
age
384176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
551
x-xss-protection
0
last-modified
Thu, 26 Dec 2019 22:20:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://univer-telechargement.xyz/favicon.ico
expires
Sat, 25 Nov 2023 15:24:51 GMT

Redirect headers

date
Thu, 23 Nov 2023 02:07:47 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://univer-telechargement.xyz&size=44
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Thu, 23 Nov 2023 02:37:47 GMT
faviconV2
t2.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?sz=44&domain_url=allostreaming.one
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://allostreaming.one&size=44
383 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://allostreaming.one&size=44
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a026f002f20b16bc1de4d1336b735fba671a65cce574544910e2e5d65909a81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:07:47 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
383
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 14:37:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://allostreaming.one/images/659f277cc894aceedebe5badc1332671.png
expires
Thu, 30 Nov 2023 02:07:47 GMT

Redirect headers

date
Thu, 23 Nov 2023 02:07:47 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://allostreaming.one&size=44
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Thu, 23 Nov 2023 02:37:47 GMT
faviconV2
t2.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?sz=44&domain_url=ipnstreaming.click
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ipnstreaming.click&size=44
315 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ipnstreaming.click&size=44
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091488770be9cd24d0583da6834c6e892cc0a26533e2b0442a8ef44f1bbe372b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:07:47 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
315
x-xss-protection
0
last-modified
Wed, 02 Dec 2020 07:23:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://club.ipnstreaming.click/images/cropped-telechargement-symbole-2020-32x32.png
expires
Thu, 30 Nov 2023 02:07:47 GMT

Redirect headers

date
Thu, 23 Nov 2023 02:07:47 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ipnstreaming.click&size=44
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
338
x-xss-protection
0
expires
Thu, 23 Nov 2023 02:37:47 GMT
faviconV2
t3.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?sz=44&domain_url=flux.streambox.club
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://flux.streambox.club&size=44
551 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://flux.streambox.club&size=44
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e8d0e011db64732cc81f03c09968d4a85c32bef9f53c5ae2c09c5628bc42618
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 14:15:07 GMT
x-content-type-options
nosniff
age
388360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
551
x-xss-protection
0
last-modified
Thu, 26 Dec 2019 22:20:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://flux.streambox.club/favicon.ico
expires
Sat, 25 Nov 2023 14:15:07 GMT

Redirect headers

date
Thu, 23 Nov 2023 02:07:47 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://flux.streambox.club&size=44
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
339
x-xss-protection
0
expires
Thu, 23 Nov 2023 02:37:47 GMT
post-149921-625dab58da103.jpg
im.motiomovie.xyz/nimag/vpn.inform.click/wp-content/uploads/2022/04/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://im.motiomovie.xyz/nimag/vpn.inform.click/wp-content/uploads/2022/04/post-149921-625dab58da103.jpg
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:24c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.28
Resource Hash
6c3d3dff7463eddf92da2e83052a6f37e55b75416d0e0c26f092e3cd105d368d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
private
date
Thu, 23 Nov 2023 02:07:47 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-webcom-cache-status
BYPASS
server
cloudflare
x-powered-by
PHP/8.0.28
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5DEl101LQYnx8f5dAQxlN7gVrVkWf6%2Fd%2Fh3UZgMG4LpJoKvkscPvRf%2FxcjHQa%2FHYlBlivmtrOprm4IALjY5aJfBE8VdEuGFdCGP8VrEITDN2L%2FXrfz7VHiYVeQNqgaKhsLVCW0aH1qRGy3o%2Fv8uWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
private, max-age=10800, pre-check=10800
cf-ray
82a5dc520da51a6b-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 24 Nov 23 21:07:47 -0500
/
i.streamlook.xyz/
Redirect Chain
  • https://streamlook.me/themes/default/assets/flags/United%20States%20of%20America.png
  • https://i.streamlook.xyz/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.streamlook.xyz/
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date
Thu, 23 Nov 2023 02:07:47 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2Ba1sz0ZxNjNTwGExuQoMVyJC8cYk1JJ9TN9JRCwDkOy%2BO8D7D70k2eHanvIC75AaacrNU0TXlJO89baYsjbEkqVxeUMVBbhdvJ3EruzI0GyJdtyJca1NGTzsuf0Cua2FrqzQUfMJyf9VCAk"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://i.streamlook.xyz/
cache-control
max-age=14400
cf-ray
82a5dc521df64d79-FRA
alt-svc
h3=":443"; ma=86400
/
i.streamlook.xyz/
Redirect Chain
  • https://streamlook.me/themes/default/assets/flags/France.png
  • https://i.streamlook.xyz/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.streamlook.xyz/
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date
Thu, 23 Nov 2023 02:07:47 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lgt%2FdHaYd185XJumsejf01b14cr0ejP54jUxPecOsbacCmnYqnaO8tzrc9Jira9LsVArL1hApZS6B2XYwDoeoA2inx4CLhKkd%2FN5ogpRsHbi9iF7EQv9RIFTZ4o59xOo7cKOin52d%2Bt%2BjGcE"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://i.streamlook.xyz/
cache-control
max-age=14400
cf-ray
82a5dc521df34d79-FRA
alt-svc
h3=":443"; ma=86400
/
i.streamlook.xyz/
Redirect Chain
  • https://streamlook.me/themes/default/assets/flags/South%20Korea.png
  • https://i.streamlook.xyz/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.streamlook.xyz/
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date
Thu, 23 Nov 2023 02:07:47 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpZqdfAy2%2FrjMrtlxgNBmmb0oBfdWhvnEofAX4QEHfQeuQREkND%2F4WDT4mopowtotITWIiGfYyDeGdCPKulzcv0jQz0bpblpt1ZPZ1rDINuCjD1F4DPn3OIcGVTG23bbjgEE9BykPX5z63eX"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://i.streamlook.xyz/
cache-control
max-age=14400
cf-ray
82a5dc525e1c4d79-FRA
alt-svc
h3=":443"; ma=86400
39.png
widgets.amung.us/classic/00/
Redirect Chain
  • https://whos.amung.us/widget/filmtubelive.png
  • https://widgets.amung.us/classic/00/39.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/classic/00/39.png
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
154f1c097be42e48d6a370a6a0711ac0ba886cff0d6e8b92330f67ee1168be6a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:07:47 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:03:09 GMT
server
cloudflare
age
931845
etag
"4c149ecd-600"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
82a5dc5398e518d3-FRA
content-length
1536
expires
Mon, 13 Nov 2023 07:17:02 GMT

Redirect headers

location
https://widgets.amung.us/classic/00/39.png
date
Thu, 23 Nov 2023 02:07:47 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82a5dc52a86718d3-FRA
content-type
text/html; charset=UTF-8
rocket-loader.min.js
gptfims.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gptfims.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/filmid-1008042.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65568fe4-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeV19%2BjXJYKwWS81FvrjB3UF9u8WenxMovdj0mO6AihI53tmvQsK1Gdog7QZ4d9dvfgOxNsUCosd8T1UluhF75NTKAOGkHrElh2iBbSZhbJ2ZRw6rvSIVufaNqBjNeILMoQvJNzTF42nOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82a5dc51cfb89c0a-FRA
expires
Sat, 25 Nov 2023 02:07:47 GMT
css
fonts.googleapis.com/ 		3 KB
989 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: gptfims.com
URL: https://gptfims.com/skin/phim98/assets/css/theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9f432863c5ab1b06046dad2eb47b0171fd1601a468a3ab874f66ceed27be4c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 02:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 00:16:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 02:07:47 GMT
spotlight.png
gptfims.com/skin/phim98/assets/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gptfims.com/skin/phim98/assets/img/spotlight.png
Requested by
Host: gptfims.com
URL: https://gptfims.com/skin/phim98/assets/css/theme.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c236977f6c1c9fc196d8fe205d0a5ba73d52b7627a6b05a0998dc84928974ea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/skin/phim98/assets/css/theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:07:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
832323
x-cache
EXPIRED
alt-svc
h3=":443"; ma=86400
content-length
4690
last-modified
Fri, 10 Nov 2023 02:27:46 GMT
server
cloudflare
etag
"654d9522-1252"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQWkK%2Fh7tkwkBJU1utTlyn2KoTNjwqZ38PKZ%2FKXuZ9CIfoGrzu2UdQZiH0FvvL9R7jzYxD31O35efx5WQrkrg6UqD%2BYEI4KkFYnrAnprbZOxKHv4vJ2OIInOA%2Bpiyu8lGk%2BZiDk5J4Cd6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
82a5dc526eaf18d7-FRA
expires
Wed, 13 Dec 2023 10:53:30 GMT
fontawesome-webfont.woff2
gptfims.com/skin/phim98/assets/fonts/ 		69 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gptfims.com/skin/phim98/assets/fonts/fontawesome-webfont.woff2
Requested by
Host: gptfims.com
URL: https://gptfims.com/skin/phim98/assets/css/uikit.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3

Request headers

Referer
https://gptfims.com/skin/phim98/assets/css/uikit.min.css
Origin
https://gptfims.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:07:47 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 22 Nov 2023 11:37:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"655de7e6-1142c"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnT%2BNcr0gQwE5vKoZb17pd2C0O2DrTFvgbFbl%2FeS%2F4x%2BY95z%2BHW%2BRtDr8iQ9WjvENHRMMoX2gntlk8jYvNlkO7Lsb0KRVghAi1KnPx3N7D8jq68B7Fy2ifWTQSZOifsnEGTdUBtz7v1tlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82a5dc526eb818d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
70700
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gptfims.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 07:18:49 GMT
x-content-type-options
nosniff
age
413338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 07:18:49 GMT
js
www.googletagmanager.com/gtag/ 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GMYDK8Y25C
Requested by
Host: gptfims.com
URL: https://gptfims.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6bc0025cb39e9b225219bef9bc50c8d224e23a4962d0ad650c6e0c2b72b7968a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:07:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92807
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 02:07:47 GMT
jqery_min.js
gptfims.com/skin/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gptfims.com/skin/jqery_min.js
Requested by
Host: gptfims.com
URL: https://gptfims.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4438fa9006ac5492c7370f0943decc86fe3eb80bb2864c1fcf1ac1b951625d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/filmid-1008042.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:07:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25321
cf-polished
origSize=2087
x-cache
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 22 Nov 2023 11:30:01 GMT
server
cloudflare
etag
W/"655de639-827"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62RCwiDnpHjgdSQHzAtnTWxVCs94Ckzu4XSlcR%2BCWEwU8jTrp2qlqABX4zy%2FruxSd0QpbCv8N4TduitOHz2lKvSuvMhK5hNCmzhZfkg0iRtpFgnFsSfi5L0ln87tJq%2B44EgYGv7616ZAWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
82a5dc529ed618d7-FRA
expires
Thu, 23 Nov 2023 06:58:48 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
Requested by
Host: gptfims.com
URL: https://gptfims.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
466761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30089
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 16:28:26 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: gptfims.com
URL: https://gptfims.com/filmid-1008042.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
35b85ae2a56f48b056143cc23a06b90c554e3954848b7dfa5929cd16bf4c49d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 02:07:47 GMT
content-md5
Vk97xwB484/PXt/PK3DX/g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
pX/5XPkvM+i/BWQqkqbJW/3w9gU9yzB87kgwUtv99hSqRsXROyePYw8LirgmnCy57nDUGnGarkxmIgHC6Vb7aw==
x-fb-content-md5
208cc4c31ce46875238eb5f6735fdc3a
cross-origin-opener-policy
same-origin-allow-popups
etag
"2caa4a31c84b0617553d984f449767df"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 23 Nov 2023 02:18:44 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GMYDK8Y25C&gtm=45je3b81v9119301869&_p=1700705267872&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1827457360.1700705268&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700705267&sct=1&seg=0&dl=https%3A%2F%2Fgptfims.com%2Ffilmid-1008042.html&dt=Talk%20to%20Me%202023%20streaming%20vf%20-%20GPTfims&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=656
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GMYDK8Y25C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gptfims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 02:07:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gptfims.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		302 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2bf2fff89e6fb22d776b33e982e58301
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0cd111ff17b3697efda1f7da8eca2e9deed835f0f53c86a6b99079299e0221ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://gptfims.com/
Origin
https://gptfims.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 02:07:47 GMT
content-md5
pZSkdhEjpgXH7JkhIEsJPg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88330
reporting-endpoints
x-fb-debug
nbX0Yfz5n/cwX6rIh+taCJsz+CZPaessVmCUtFM/jKBaC1Rdd4BFMXUKv5s3ustiULu/35SrlPbb33gOtXiVAQ==
x-fb-content-md5
d02bdb2bda73ce1082b5d09edd5f34ce
cross-origin-opener-policy
same-origin-allow-popups
etag
"ec30f02aa64abcbfab9f814ece1e98b1"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Nov 2024 01:45:34 GMT
like.php
www.facebook.com/v3.0/plugins/ Frame 93E6 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1466141dac5be4%26domain%3Dgptfims.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgptfims.com%252Ff2418ff598ca8ec%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fstreamlook&layout=box_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=2bf2fff89e6fb22d776b33e982e58301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gptfims.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Nov 2023 02:07:48 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
rjj+GasxTYI8jqJyZWTqhTmKcDOEDPc9GobqXcfd9B8N61MoEkhHVaU+QSm0sCcCbG7A3UKmnUTNmZir/Gm/ig==
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| __cfQR function| $ function| jQuery function| myFunction object| UIkit function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| FB object| __buffer

4 Cookies

Domain/Path Name / Value
tsarkinds.com/ Name: GL_UI4
Value: eJw9jd1Og0AUhKH8VS3oJDyAj8C2Iu2l8SG8JGfZU4qF3WZZIb69GxO9mi%2BTbzJBEGzKR4RLmiD6ohrPQjaKGz7ulRTi9UCyIXF42XOt%2BHyq6Yi7YW4dyZFdjO08kXWtW2LsetZsh67tjOIcT976a67arDpGIi1plSOZvDHmyKQ168y2jBBrmhjp%2B8Uan8lEn8YiEuLkedCewwobM5dRcY%2FsY9DKD4sdNqIqijTAw20kdzZ2ageVhkh6S4oRvmHbkePe2G9kiuerMzfAjKr9939%2Fo1VUSBUvQ%2BfPjbuw%2FQGUrE67
tsarkinds.com/ Name: GL_GI10
Value: eJw1ir0KwjAURpM7REQdPuzi1icIpPiDa1VciqPOaXvRgCYlCYJvbx1cDofDEUJQMQe5AYv9RlfGaLPe6l0FeQcdT6DOY3Lm%2BLL%2BAxlB9diix6yxvi9rjk%2FnITuovzqsGraJb9yWF86PMY9nKmt91SCfMD2EOIRoM0MOSoJy%2BDH1hYB8q%2BUXggsi7A%3D%3D
.gptfims.com/ Name: _ga_GMYDK8Y25C
Value: GS1.1.1700705267.1.0.1700705267.0.0.0
.gptfims.com/ Name: _ga
Value: GA1.1.1827457360.1700705268

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gptfims.com
i.streamlook.xyz
im.motiomovie.xyz
image.tmdb.org
region1.google-analytics.com
streamlook.me
t0.gstatic.com
t1.gstatic.com
t2.gstatic.com
t3.gstatic.com
tsarkinds.com
whos.amung.us
widgets.amung.us
www.facebook.com
www.google.com
www.googletagmanager.com
2001:4860:4802:34::36
23.109.87.217
2600:9000:225e:de00:14:41bb:de80:93a1
2606:4700:10::ac43:88d
2606:4700:3033::ac43:b7b4
2606:4700:3034::6815:24c2
2a00:1450:4001:800::200a
2a00:1450:4001:806::2004
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:828::2008
2a00:1450:4001:831::2004
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
091488770be9cd24d0583da6834c6e892cc0a26533e2b0442a8ef44f1bbe372b
0cd111ff17b3697efda1f7da8eca2e9deed835f0f53c86a6b99079299e0221ce
154f1c097be42e48d6a370a6a0711ac0ba886cff0d6e8b92330f67ee1168be6a
35b85ae2a56f48b056143cc23a06b90c554e3954848b7dfa5929cd16bf4c49d7
39937253377a13d4e688a43eec499edc23e530832de6b771edffd8dd329d8f93
3c236977f6c1c9fc196d8fe205d0a5ba73d52b7627a6b05a0998dc84928974ea
4a026f002f20b16bc1de4d1336b735fba671a65cce574544910e2e5d65909a81
5e8d0e011db64732cc81f03c09968d4a85c32bef9f53c5ae2c09c5628bc42618
6bc0025cb39e9b225219bef9bc50c8d224e23a4962d0ad650c6e0c2b72b7968a
6c3d3dff7463eddf92da2e83052a6f37e55b75416d0e0c26f092e3cd105d368d
71c6b127bd70659c84b8a06d8f363f212f1f838ae1bd679ae0dc87abac6c4592
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
76471b12672d768dc65232782d7b357903a3184ffb6400fe9add7d6815531ae7
7e28b448af2d7e9aedccd778ed147b95e39f75a8cdd2cd78860744866cfa6043
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
985225b8af82b37cb5310eda8b563bb761fff883f0807c93ea811ae8cd475cb7
9f432863c5ab1b06046dad2eb47b0171fd1601a468a3ab874f66ceed27be4c0f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3
c4438fa9006ac5492c7370f0943decc86fe3eb80bb2864c1fcf1ac1b951625d2
cb7aa0dfc05cc04f6fc4cb33349134266fe877c996130d0ec8e9ac028ad3da18
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f13d7105c0d8f9f58bcbf3caf27d98358f55cea70469738e066f00ac703cf9f6