www.blackfridaycrypto.org Open in urlscan Pro
2a00:1450:4001:831::2013  Public Scan

Submitted URL: http://blackfridaycrypto.org/
Effective URL: https://www.blackfridaycrypto.org/
Submission: On January 16 via manual from US — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 44 HTTP transactions. The main IP is 2a00:1450:4001:831::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.blackfridaycrypto.org.
TLS certificate: Issued by GTS CA 1D4 on November 20th 2021. Valid for: 3 months.
This is the only time www.blackfridaycrypto.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
703 KB
7 tickcounter.com
www.tickcounter.com — Cisco Umbrella Rank: 50067
39 KB
7 google.com
apis.google.com — Cisco Umbrella Rank: 122
151 KB
6 googleusercontent.com
lh5.googleusercontent.com — Cisco Umbrella Rank: 136
lh4.googleusercontent.com — Cisco Umbrella Rank: 410
lh3.googleusercontent.com — Cisco Umbrella Rank: 68
lh6.googleusercontent.com — Cisco Umbrella Rank: 436
1408141185-atari-embeds.googleusercontent.com
285 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 202
26 KB
5 blackfridaycrypto.org
blackfridaycrypto.org
www.blackfridaycrypto.org
12 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
ajax.googleapis.com — Cisco Umbrella Rank: 258
34 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
20 KB
44 8
Domain Requested by
7 www.tickcounter.com www.blackfridaycrypto.org
www.tickcounter.com
7 apis.google.com www.blackfridaycrypto.org
apis.google.com
www.gstatic.com
1408141185-atari-embeds.googleusercontent.com
7 www.gstatic.com www.blackfridaycrypto.org
www.gstatic.com
5 cdnjs.cloudflare.com www.tickcounter.com
4 fonts.gstatic.com fonts.googleapis.com
4 www.blackfridaycrypto.org 1 redirects www.gstatic.com
3 fonts.googleapis.com www.blackfridaycrypto.org
2 lh4.googleusercontent.com www.blackfridaycrypto.org
1 www.google-analytics.com www.tickcounter.com
1 ajax.googleapis.com www.tickcounter.com
1 1408141185-atari-embeds.googleusercontent.com www.gstatic.com
1 lh6.googleusercontent.com www.blackfridaycrypto.org
1 lh3.googleusercontent.com www.blackfridaycrypto.org
1 lh5.googleusercontent.com www.blackfridaycrypto.org
1 blackfridaycrypto.org 1 redirects
44 15

This site contains links to these domains. Also see Links.

Domain
www.google.com
Subject Issuer Validity Valid
www.blackfridaycrypto.org
GTS CA 1D4
2021-11-20 -
2022-02-18
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.tickcounter.com
R3
2021-12-21 -
2022-03-21
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.blackfridaycrypto.org/
Frame ID: 3395080258C9F2060875120D4742521D
Requests: 24 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__&r=62210762
Frame ID: 5432C181201D9C5241B6B71F6CDA367B
Requests: 3 HTTP requests in this frame

Frame: https://1408141185-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Frame ID: ABFE8604935A7BF804DDB2A8EE8E7485
Requests: 3 HTTP requests in this frame

Frame: https://www.tickcounter.com/static/js/loader.js
Frame ID: B1FD751ABA7204FB449F82CCB8B205D8
Requests: 1 HTTP requests in this frame

Frame: https://www.tickcounter.com/widget/countdown/2889397
Frame ID: 8D09C8C7E5864C10592A2A32F263E588
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

BLACKFRIDAYCRYPTO.COM

Page URL History Show full URLs

  1. http://blackfridaycrypto.org/ HTTP 301
    http://www.blackfridaycrypto.org/ HTTP 301
    https://www.blackfridaycrypto.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • moment-timezone(?:-data)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

100 %
HTTPS

100 %
IPv6

8
Domains

15
Subdomains

10
IPs

2
Countries

1271 kB
Transfer

3423 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://blackfridaycrypto.org/ HTTP 301
    http://www.blackfridaycrypto.org/ HTTP 301
    https://www.blackfridaycrypto.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.blackfridaycrypto.org/
Redirect Chain
  • http://blackfridaycrypto.org/
  • http://www.blackfridaycrypto.org/
  • https://www.blackfridaycrypto.org/
51 KB
12 KB
Document
General
Full URL
https://www.blackfridaycrypto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce053b55704859ff738346254d435eb2e0caa348137533bec24c0dae4fe6c57c
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-LnJ6ccG+Id5mMY8gg1ys6A' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
x-frame-options
DENY
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 16 Jan 2022 19:02:59 GMT
cross-origin-opener-policy
unsafe-none
content-security-policy
base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-LnJ6ccG+Id5mMY8gg1ys6A' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
referrer-policy
strict-origin-when-cross-origin
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

Content-Type
application/binary
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Date
Sun, 16 Jan 2022 19:02:58 GMT
Location
https://www.blackfridaycrypto.org/
Server
ESF
Content-Length
0
X-XSS-Protection
0
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C700&display=swap
Requested by
Host: www.blackfridaycrypto.org
URL: https://www.blackfridaycrypto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c227fdcc79722f44353d6871fab848719a1ce0a0f2b3f3049869051472d8ae11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 16 Jan 2022 18:43:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 16 Jan 2022 19:02:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jan 2022 19:02:59 GMT
css
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Requested by
Host: www.blackfridaycrypto.org
URL: https://www.blackfridaycrypto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86ead8b89b5f4e968dc2a4631720df2435e2b42d7fbffef9de8b0a6a80351eb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 16 Jan 2022 17:07:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 16 Jan 2022 19:02:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jan 2022 19:02:59 GMT
css
fonts.googleapis.com/
4 KB
663 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald%3Ai%2Cbi%2C700%2C400&display=swap
Requested by
Host: www.blackfridaycrypto.org
URL: https://www.blackfridaycrypto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9bc35dbe1abf239538dec80344465bea851dbabdad61c5208ba6c217bbe6144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 16 Jan 2022 19:02:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 16 Jan 2022 19:02:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jan 2022 19:02:59 GMT
rs=AGEqA5lh_OE8BDJXx1WjoKOqsdyO-iOrsw
www.gstatic.com/_/atari/_/ss/k=atari.vw._FYcwPVorWA.L.W.O/d=1/
562 KB
86 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/atari/_/ss/k=atari.vw._FYcwPVorWA.L.W.O/d=1/rs=AGEqA5lh_OE8BDJXx1WjoKOqsdyO-iOrsw
Requested by
Host: www.blackfridaycrypto.org
URL: https://www.blackfridaycrypto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3033dea4fa8d7b6aed0a99d168037da30b5baa448c969bd8a78ee213bbc4906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 16:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87671
x-xss-protection
0
last-modified
Tue, 28 Dec 2021 16:08:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Fri, 13 Jan 2023 16:57:17 GMT
client.js
apis.google.com/js/
13 KB
6 KB
Script
General
Full URL
https://apis.google.com/js/client.js?onload=gapiLoaded
Requested by
Host: www.blackfridaycrypto.org
URL: https://www.blackfridaycrypto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f7909a9c921d04ec15febfbdfeb03ff1afc3470add1882e7639c045f1d8126e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FD1e9WxRLwei0cuydKtnkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
etag
"9ef144b9dcd556059eaea35b0511ad11"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-FD1e9WxRLwei0cuydKtnkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sun, 16 Jan 2022 19:02:59 GMT
evOEV51kWvTKl9Hk3uNdhjfCMxRLLSyimcSX5W08wb6702J35QUKth6ENixUWtDof2E-vio7njrARB49ncvJmJ8=w16383
lh5.googleusercontent.com/
21 KB
21 KB
Image
General
Full URL
https://lh5.googleusercontent.com/evOEV51kWvTKl9Hk3uNdhjfCMxRLLSyimcSX5W08wb6702J35QUKth6ENixUWtDof2E-vio7njrARB49ncvJmJ8=w16383
Requested by
Host: www.blackfridaycrypto.org
URL: https://www.blackfridaycrypto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
43bef9a031535fd46e96acc6340b0f6a4d3d2545d3f91929d004ab1ed80dab89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="LOGO.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21266
x-xss-protection
0
expires
Mon, 17 Jan 2022 19:03:00 GMT
0OBpzN6Vi_VNGkO6TX5SnbTPfQ9i3xxbXg32FxrQF4Ay0j-0WoYxAgLtNrUYyT6BJXgmGabVug2kdcDWcUSjkp2Yh8w0X-3NNPDTqmEQBZCXpJFT3RSfQri3g1oJDqpb2g=w1280
lh4.googleusercontent.com/
43 KB
43 KB
Image
General
Full URL
https://lh4.googleusercontent.com/0OBpzN6Vi_VNGkO6TX5SnbTPfQ9i3xxbXg32FxrQF4Ay0j-0WoYxAgLtNrUYyT6BJXgmGabVug2kdcDWcUSjkp2Yh8w0X-3NNPDTqmEQBZCXpJFT3RSfQri3g1oJDqpb2g=w1280
Requested by
Host: www.blackfridaycrypto.org
URL: https://www.blackfridaycrypto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f0d7ab1b14b0e994c5de7895010b4dc3428ff5fae3f2a42d34958203dfe0b45e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Partner.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44148
x-xss-protection
0
expires
Mon, 17 Jan 2022 19:03:00 GMT
Lii9Yt4Az4O8OJOZx35kzV98Qsc6xe_aBfCWNPO6YOcAfl-I3f5oGno53T2uDOMXm54alyRnLWN3IAWZgVt_Y5mNoP8FOsXBYV2-HUmUtMUtUhPdlw1r-2WnpD6_6JVE8w=w1280
lh3.googleusercontent.com/
35 KB
35 KB
Image
General
Full URL
https://lh3.googleusercontent.com/Lii9Yt4Az4O8OJOZx35kzV98Qsc6xe_aBfCWNPO6YOcAfl-I3f5oGno53T2uDOMXm54alyRnLWN3IAWZgVt_Y5mNoP8FOsXBYV2-HUmUtMUtUhPdlw1r-2WnpD6_6JVE8w=w1280
Requested by
Host: www.blackfridaycrypto.org
URL: https://www.blackfridaycrypto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bfa51b0b6638439005ae05498e40e9eaa1d594ae24235e8a4048cac31aa7caf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Listing.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35657
x-xss-protection
0
expires
Mon, 17 Jan 2022 19:03:00 GMT
uBoNoOGpgsFiOo6STTDAT_TKn5Z8sYqdSDqA6iXAjJXGL819pWa1aTFkrwI-IIeVnkyxQqjZkReor2JjM0Mv7PkGScYCMvkQUHliYzotqUrn_vlE2QdDlFXP-p-hKgGZ=w1280
lh4.googleusercontent.com/
28 KB
28 KB
Image
General
Full URL
https://lh4.googleusercontent.com/uBoNoOGpgsFiOo6STTDAT_TKn5Z8sYqdSDqA6iXAjJXGL819pWa1aTFkrwI-IIeVnkyxQqjZkReor2JjM0Mv7PkGScYCMvkQUHliYzotqUrn_vlE2QdDlFXP-p-hKgGZ=w1280
Requested by
Host: www.blackfridaycrypto.org
URL: https://www.blackfridaycrypto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9c2dd23cc314c9ba39773b5c0677895d8ccce0e09eb07a3107a59af4e56e3744
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="paiem,t method.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28639
x-xss-protection
0
expires
Mon, 17 Jan 2022 19:03:00 GMT
m=view
www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=1/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/
483 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=1/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/m=view
Requested by
Host: www.blackfridaycrypto.org
URL: https://www.blackfridaycrypto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
052abfad95c36917b08b3a3b9990ebebcb17de1ceae7bbc2e2092c061fc3bc53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 16:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166116
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 13:32:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Fri, 13 Jan 2023 16:57:20 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/
309 KB
105 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da87fe5f0d211f53391640723a6ecb7bb6fbb53145c1f069b6d6dd5c066fae0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 23:15:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107219
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Jan 2023 23:15:00 GMT
oyg0Jmx3HPKKnyaundMbCp9_9RcEwg-iVHw9r6MRfOELEaAtmU1Ex5Rxs3XkSDd-x_byzcZbI8rjb8HUQ4fAgg=w16383
lh6.googleusercontent.com/
156 KB
156 KB
Image
General
Full URL
https://lh6.googleusercontent.com/oyg0Jmx3HPKKnyaundMbCp9_9RcEwg-iVHw9r6MRfOELEaAtmU1Ex5Rxs3XkSDd-x_byzcZbI8rjb8HUQ4fAgg=w16383
Requested by
Host: www.blackfridaycrypto.org
URL: https://www.blackfridaycrypto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a5dad0ea44f2d32041bdedb3675d45869ed14ed36b30326f31d59d1daae98adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="test-cover.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159320
x-xss-protection
0
expires
Mon, 17 Jan 2022 19:03:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.blackfridaycrypto.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
192191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 13:39:48 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.blackfridaycrypto.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 17:58:32 GMT
x-content-type-options
nosniff
age
349467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 17:58:32 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.blackfridaycrypto.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:02:00 GMT
x-content-type-options
nosniff
age
450059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 14:02:00 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v40/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3Ai%2Cbi%2C700%2C400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.blackfridaycrypto.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 09:50:41 GMT
x-content-type-options
nosniff
age
378738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24080
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:47 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 09:50:41 GMT
m=sy15,sy16,sy14,FoQBg
www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=0/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/
36 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=0/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/m=sy15,sy16,sy14,FoQBg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=1/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0efb0666aa5e42ab8f105ceb8a20ea14d60ebdf1aec743d0c29e5a1e2a699825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 16:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12294
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 13:32:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Fri, 13 Jan 2023 16:57:20 GMT
m=MpJwZc,n73qwf,A4UTCb,qAKInc,syy,TGYpv,syt,X85Uvc,HIeYee,QxOCld,syr,YXyON,sy2f,abQiW,W26a5e,syv,sy10,syw,syx,syz,fuVYe,hJUyqe,qEW1W,ruhlUe,KUM7Z,syu,qkPXAf,sy12,sy13,zPx2U,oNFsLb,sy3d,yxTchf,sy3e,...
www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=0/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/
1 MB
354 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=0/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/m=MpJwZc,n73qwf,A4UTCb,qAKInc,syy,TGYpv,syt,X85Uvc,HIeYee,QxOCld,syr,YXyON,sy2f,abQiW,W26a5e,syv,sy10,syw,syx,syz,fuVYe,hJUyqe,qEW1W,ruhlUe,KUM7Z,syu,qkPXAf,sy12,sy13,zPx2U,oNFsLb,sy3d,yxTchf,sy3e,sy3f,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2i,SM1lmd,sy6,sy7,syp,syq,sy5,syo,RRzQxe,zZvHmd,sys,YV8yqd,syc,sy9,syb,syd,sy2g,sye,sya,fNFZH,sy2h,sy1a,sy1h,syf,RrXLpc,cgRV2c,sy1i,o1L5Wb,X4BaPc,Md9ENb,sy1c,sy1d,sy18,sy19,sy1b,sy1j,KlrXId,NlqxW,sy1f,sy1g,sy1l,sy3,sy1e,sy1m,sy1n,sy1p,sy1u,sy1t,sy21,sy1k,sy1r,sy1o,sy1s,sy1v,sy1y,sy20,sy17,T807ad,sy1q,ZDEHrf,sy1w,sy1x,sy1z,sy22,syi,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,sy25,sy26,sy27,sy28,sy29,UYjpC,vVEdxc,VYKRW,sy11,CG0Qwb,RZ9OZ,N0NZx,szRU7e
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=1/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d98f09e1cbdd4465aef2f5209cda87e0030617d8b2ab7a7c87c417b68b8f5ba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 21:06:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
510964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
362391
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 13:32:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Tue, 10 Jan 2023 21:06:55 GMT
m=sy34,IZT63,vfuNJf,sy2x,sy31,sy35,sy3g,sy3h,siKnQd,sy2v,sy33,sy37,YNjGDd,sy36,sy38,PrPYRd,hc6Ubd,sy3i,SpsfSb,sy23,sy2e,sy2y,sy30,zbML3c
www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=0/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/
26 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=0/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/m=sy34,IZT63,vfuNJf,sy2x,sy31,sy35,sy3g,sy3h,siKnQd,sy2v,sy33,sy37,YNjGDd,sy36,sy38,PrPYRd,hc6Ubd,sy3i,SpsfSb,sy23,sy2e,sy2y,sy30,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=1/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0dfa83ed0755309baa04d4254552531ab1d1bd00d5fb288bf472308c1441b8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 16:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 13:32:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Fri, 13 Jan 2023 16:57:20 GMT
m=sy39,NTMZac,sy2c,gJzDyc,syk,sym,HYv29e,sy2l,uY3Nvd
www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=0/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/
21 KB
8 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=0/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/m=sy39,NTMZac,sy2c,gJzDyc,syk,sym,HYv29e,sy2l,uY3Nvd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=1/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a5a601d4b53cd56b5e486e8c960849c9f6e21433aec05099b7fcd8a4b832e4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 16:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7747
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 13:32:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Fri, 13 Jan 2023 16:57:39 GMT
logImpressions
www.blackfridaycrypto.org/_/view/
16 B
219 B
XHR
General
Full URL
https://www.blackfridaycrypto.org/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=1/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.blackfridaycrypto.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 16 Jan 2022 19:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/
262 B
205 B
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbbb8df4b62e6e881d8e8e4eea03adc4c48fe6e4d94404782a9955d15004509d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 20:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
179
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 20:01:35 GMT
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame 5432
2 KB
947 B
Document
General
Full URL
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__&r=62210762
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=1/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.blackfridaycrypto.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-length
922
date
Sun, 16 Jan 2022 19:03:00 GMT
expires
Mon, 16 Jan 2023 19:03:00 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 14 Jan 2022 15:37:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
api.js
apis.google.com/js/ Frame 5432
13 KB
5 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__&r=62210762
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f319dfbfd82f5c2027f65c1e2ada5ba5f333efbec8f36338edf17cb390b30a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-s55lDd6xq0OEJQP9eF/yfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
etag
"bcbfc91ee23489b1ca0b0c855d644183"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-s55lDd6xq0OEJQP9eF/yfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sun, 16 Jan 2022 19:03:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ Frame 5432
43 KB
15 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a4f80d2643828a22975ef1c6bae0419536541f8a9564a427caa1de015c34824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 20:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15580
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 20:01:49 GMT
inner-frame-minified.html
1408141185-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/ Frame ABFE
2 KB
940 B
Document
General
Full URL
https://1408141185-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__&r=62210762
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-length
915
date
Sun, 16 Jan 2022 19:03:00 GMT
expires
Mon, 16 Jan 2023 19:03:00 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 14 Jan 2022 15:37:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
api.js
apis.google.com/js/ Frame ABFE
13 KB
5 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: 1408141185-atari-embeds.googleusercontent.com
URL: https://1408141185-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f319dfbfd82f5c2027f65c1e2ada5ba5f333efbec8f36338edf17cb390b30a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BcbjXCapapRaXTS6VUuJww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1408141185-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
etag
"bcbfc91ee23489b1ca0b0c855d644183"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-BcbjXCapapRaXTS6VUuJww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sun, 16 Jan 2022 19:03:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ Frame ABFE
43 KB
15 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a4f80d2643828a22975ef1c6bae0419536541f8a9564a427caa1de015c34824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1408141185-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 20:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15580
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 20:01:49 GMT
loader.js
www.tickcounter.com/static/js/ Frame B1FD
2 KB
1 KB
Script
General
Full URL
https://www.tickcounter.com/static/js/loader.js
Requested by
Host: www.blackfridaycrypto.org
URL: https://www.blackfridaycrypto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:6095 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1f2e3dabbc5994ee54433d1f66cb8a8140146dafece034339b56201ce9df47e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1408141185-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:00 GMT
content-encoding
br
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
HIT
last-modified
Wed, 15 Dec 2021 21:32:08 GMT
server
cloudflare
age
2277826
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDuZaP0EiQAXfQpR41kST%2FItF%2Be1Xwl%2FH%2BYX%2FINL4M7DMutlkWLVl7hW9cyzA%2B7jetN28DvzLc4g8KxempWwtO1esTnTiCcdDOnZtspkBGamY8J268uPfEFi2Mt4iYpc1pB8YHFmRN9LXj3JSa9YuM9F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ce999f69a4d2151-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
2889397
www.tickcounter.com/widget/countdown/ Frame 8D09
14 KB
4 KB
Document
General
Full URL
https://www.tickcounter.com/widget/countdown/2889397
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/static/js/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:6095 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2985523117bb4f0efcc7e275b4739922b500fb2a654cdcca80e1f726f3c6066c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1408141185-atari-embeds.googleusercontent.com/

Response headers

date
Sun, 16 Jan 2022 19:03:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Sun, 16 Jan 2022 19:08:01 GMT
cache-control
max-age=300
x-content-type-options
nosniff
referrer-policy
same-origin
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
MISS
last-modified
Sun, 16 Jan 2022 19:03:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdQF4FkAjUXBck2kZC6MbauAtPpXQiNdn1nLiGCktmdWXsOmveM0PSKXKJ4ahWBq0uDw%2FW3zabT4pAGu1Yw1uEGubycO7%2BKNDVXOZ3ORwva%2FyHaaGQIWSMQt8YfmT27G0rC3kur9Mr83hWETG5u0uMbk"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ce999f77aff8873-LHR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pure-min.css
cdnjs.cloudflare.com/ajax/libs/pure/1.0.0/ Frame 8D09
16 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pure/1.0.0/pure-min.css
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/2889397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
434cc2ad4b3621f5d6631d2e30a25f1bddc2bc5ea8548236d70698b00578ffc4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5187757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3356
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fac-4041"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8JYBXb0FR%2BppAVbWyo8VzpRoBCF7KvKLoNAECP4LzGUQrbN8lIove1iOjw1fpgrOPpWJ5Ab2WhOlNqg2yA8UCm5wFWVoib1RjHrzHnrbs3I6mMOUDhs6HariqxMBEo6P886UhroBp9fxj7Plw7dS0h6"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ce999fb9b1c5c20-FRA
expires
Fri, 06 Jan 2023 19:03:01 GMT
grids-responsive-min.css
cdnjs.cloudflare.com/ajax/libs/pure/1.0.0/ Frame 8D09
8 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pure/1.0.0/grids-responsive-min.css
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/2889397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a9e74bf710eef13b81f56375fc7e24c8b91050fa9ba66a75e9a3f35aece8f5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
835336
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
742
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fac-1f60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wdb3GFFBJ3HirTr6hFRg5uTNRbmlrqoOPx%2BIBaGzWmOGmTueDehwzTsxNUalBPBdpXPCh1qfTQVytGbGhxR3RiYeI7NeBoK1zfqz26%2FU0iGTKISwtXIYh6JADZoMQOe%2FQEchKUzHyL2x290Lvs6TE5Qd"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ce999fb9b205c20-FRA
expires
Fri, 06 Jan 2023 19:03:01 GMT
output.fb6d966c8c8b.css
www.tickcounter.com/static/files/css/ Frame 8D09
3 KB
1 KB
Stylesheet
General
Full URL
https://www.tickcounter.com/static/files/css/output.fb6d966c8c8b.css
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/2889397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:6095 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6d966c8c8b2a7abd25670e392fe59031440119e6b6e89f7eac4dbd01c1a1dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tickcounter.com/widget/countdown/2889397
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:01 GMT
content-encoding
br
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
HIT
last-modified
Wed, 15 Dec 2021 21:31:20 GMT
server
cloudflare
age
2263497
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nwf%2Fn%2Ful2%2FCUwDYZr3dg8szDAM26WbVXOQQfEooNmg3TZGhgLTKEi4ixoTIkTJc88Li150RKtXp0z3W5yDhuPJrpGiInyBcT6OhYHmdc6Fb78C8es0ZaILn9azdK70yOJzbjytZlcdYBGmTtWthm1teI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ce999fb8e518873-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
signature.png
www.tickcounter.com/static/images/ Frame 8D09
5 KB
6 KB
Image
General
Full URL
https://www.tickcounter.com/static/images/signature.png
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/2889397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:6095 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86fb7ad01280680b5ae10e323082cb5f56ceb451cd1357087d5b5ed24de23b71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tickcounter.com/widget/countdown/2889397
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2263386
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5514
x-clacks-overhead
GNU Terry Pratchett
last-modified
Wed, 15 Dec 2021 21:29:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFf6OpIepmZ7T4juVN3mLQmTDZidKh1Q%2FvTo4tlmEoJyusSThzIIaBCHmfqNnVyscelXd559o00d4DWddvFFpvFpumhP3CP3rgBufznapOqgjVHzJ62Y6tcPLteafFst8Z%2BB%2BsDj9z8lEwJeyfZBGfla"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6ce999fb8e678873-LHR
sentry-6.3.0-bundle.min.js
www.tickcounter.com/static/js/external/ Frame 8D09
66 KB
21 KB
Script
General
Full URL
https://www.tickcounter.com/static/js/external/sentry-6.3.0-bundle.min.js
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/2889397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:6095 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b8f0ce80079f71877b177cc43047bbd69c3b2cefa8d8d4311d2dc19dcdddea3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tickcounter.com/widget/countdown/2889397
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:01 GMT
content-encoding
br
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
HIT
last-modified
Mon, 10 Jan 2022 19:45:40 GMT
server
cloudflare
age
214509
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJ35v3%2BxsrEXZ6zfXEKoV9cYUNUbgq0UsQ9MnvnWv%2FLoDeXckEbVtdSuSw4n6Ro5oQoDrS1Fy%2FBYSCC%2FYX5Q9PMTKd%2B5lVA2q%2FuIFVUY8MZvjGbiv%2BIiU7LD8EYtoDGwtHLyjjTU4ukZ9HQ%2F4dmadusO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ce999fb8e5c8873-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 8D09
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/2889397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 14:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jan 2023 14:58:08 GMT
textFit.min.js
cdnjs.cloudflare.com/ajax/libs/textfit/2.4.0/ Frame 8D09
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/textfit/2.4.0/textFit.min.js
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/2889397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1555faed5dbb0664285f114e53c271e3e0bd7c32ba14b97893f8f95214ac0bcf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6219280
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1292
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffc-10b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tD3NoKY1rD6N2QaCgNABSEEOvqBSLI4%2FXaAJ3AjVQXNDZSno7puuEWiDj5rB72IEcfuy5KMeG6BMbtVhtEkJ%2BtsZvm%2FLgIPdt6W8hrrp33c2T6f5%2BNDQfpiTAxx0zKl3jFCtlZ3esg2sgoqCtuAwZfUV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ce999fb9b225c20-FRA
expires
Fri, 06 Jan 2023 19:03:01 GMT
analytics.js
www.google-analytics.com/ Frame 8D09
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/2889397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5287
date
Sun, 16 Jan 2022 17:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 16 Jan 2022 19:34:54 GMT
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/ Frame 8D09
57 KB
17 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/2889397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
827418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16919
timing-allow-origin
*
last-modified
Tue, 06 Oct 2020 12:01:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7c5ca4-e5ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQGJsLuFtKSeCrm2HSR0JpjBb6o2Mos8w0uvnNIC5UDoTEJ7bAGZdf%2BpJZ9HG7msAQ4iLgmqPOOud1Ifm7sX33esWiz9zUtl6m7FCU2N%2BVjVpvnhry9abxn7BSzfGqHpshDB%2BOo7P%2BkfGycs%2F8yuifCk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ce999fb9b235c20-FRA
expires
Fri, 06 Jan 2023 19:03:01 GMT
moment-timezone.min.js
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.34/ Frame 8D09
7 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.34/moment-timezone.min.js
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/2889397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c7d7957d7c391d33555e26b6fb10b1fd8a7090f74514f04089af57fafad08d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5118480
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2643
timing-allow-origin
*
last-modified
Wed, 10 Nov 2021 09:05:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"618b8b5b-a53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLFirWVnPqdeJVDwNQ7QU%2Fcux9HPnbpVt5X4JpOgriN9Sp%2Fu%2BhtC0ucbZiWtLTGeYCtZpxrmIg319Z0u%2FgmFwKBAWnKuu8wFmVg%2BtR4fJ8ofHlFDrMmlpv2j3R7SPS0XSzZGEjSogcdr97MHsXUz4rLc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ce999fb9b245c20-FRA
expires
Fri, 06 Jan 2023 19:03:01 GMT
output.8b486a3f406d.js
www.tickcounter.com/static/files/js/ Frame 8D09
10 KB
5 KB
Script
General
Full URL
https://www.tickcounter.com/static/files/js/output.8b486a3f406d.js
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/2889397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:6095 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b486a3f406da417453701f5b445babab80450067a607132c330f2ed2b87bb3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tickcounter.com/widget/countdown/2889397
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:01 GMT
content-encoding
br
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
HIT
last-modified
Wed, 05 Jan 2022 14:02:49 GMT
server
cloudflare
age
967435
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6r4HT9WuQsh0C5VyLy%2BcTyZSgvaAKhjZl35xMArxkDc4jWeBGv2fhsOrg8nfrUw70mywTxQakOg%2Fw9kTsGZvFL%2FAYFV7V8YniNPoReXnwTS5g3FH%2BSLP2zBwUXLi6Y27IKt4RwFJPkRHqfIEEP%2Faw2S"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ce999fb8e648873-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
trace
www.tickcounter.com/cdn-cgi/ Frame 8D09
288 B
365 B
XHR
General
Full URL
https://www.tickcounter.com/cdn-cgi/trace
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/static/js/external/sentry-6.3.0-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:6095 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daaf822eed350cffe2d51183952efd5a025023374411c3d1cb276e127d2634e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.tickcounter.com/widget/countdown/2889397
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 19:03:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
6ce999fcfa468873-LHR
expires
Thu, 01 Jan 1970 00:00:01 GMT
logImpressions
www.blackfridaycrypto.org/_/view/
16 B
115 B
XHR
General
Full URL
https://www.blackfridaycrypto.org/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.VOT5Yh7LveU.O/d=1/rs=AGEqA5lorC8c8SsLGrXTvXkdNanX92sEbQ/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.blackfridaycrypto.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 16 Jan 2022 19:03:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onsecuritypolicyviolation object| onslotchange object| DOCS_timing function| _DumpException object| _docs_flag_initialData object| _docs_flag_cek function| gapiLoaded object| _at_config object| globals object| messages object| gapi object| ___jsl function| bgImgLoaded object| default_vw object| _bind object| closure_lm_482044 object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis function| _getTimingInstance function| _docsTiming function| MicroscopeImageMetadata object| MicroscopeMaximizeMode object| MicroscopeBackgroundStyle function| MicroscopeState function| MicroscopeSize object| MicroscopeResizeMode object| MicroscopeZoomWidgetMode function| Microscope number| closure_uid_710508254

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=rODc9roRwN8qrDMNwZumhPtDfPXXZQy6Jpoax4kHRK7UFEOX2VCg48nFhpF8ItcHMHCqctaiBsSk51fd3k_uChNhpTTHQX4qqLly1SR--gPnsvVow1grJLMDyLEKmN7VsgGmM_h2E1ad0H5k7rp-LJTZnd7fFQ9UNkNtCL1pS5I

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-LnJ6ccG+Id5mMY8gg1ys6A' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1408141185-atari-embeds.googleusercontent.com
ajax.googleapis.com
apis.google.com
blackfridaycrypto.org
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
www.blackfridaycrypto.org
www.google-analytics.com
www.gstatic.com
www.tickcounter.com
2001:4860:4802:38::15
2606:4700:3034::6815:6095
2606:4700::6810:135e
2a00:1450:4001:801::2003
2a00:1450:4001:810::2001
2a00:1450:4001:811::200e
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2013
052abfad95c36917b08b3a3b9990ebebcb17de1ceae7bbc2e2092c061fc3bc53
0efb0666aa5e42ab8f105ceb8a20ea14d60ebdf1aec743d0c29e5a1e2a699825
1555faed5dbb0664285f114e53c271e3e0bd7c32ba14b97893f8f95214ac0bcf
2985523117bb4f0efcc7e275b4739922b500fb2a654cdcca80e1f726f3c6066c
2b8f0ce80079f71877b177cc43047bbd69c3b2cefa8d8d4311d2dc19dcdddea3
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
434cc2ad4b3621f5d6631d2e30a25f1bddc2bc5ea8548236d70698b00578ffc4
43bef9a031535fd46e96acc6340b0f6a4d3d2545d3f91929d004ab1ed80dab89
4f319dfbfd82f5c2027f65c1e2ada5ba5f333efbec8f36338edf17cb390b30a0
5a5a601d4b53cd56b5e486e8c960849c9f6e21433aec05099b7fcd8a4b832e4b
62a9e74bf710eef13b81f56375fc7e24c8b91050fa9ba66a75e9a3f35aece8f5
6c7d7957d7c391d33555e26b6fb10b1fd8a7090f74514f04089af57fafad08d5
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
7a4f80d2643828a22975ef1c6bae0419536541f8a9564a427caa1de015c34824
7f7909a9c921d04ec15febfbdfeb03ff1afc3470add1882e7639c045f1d8126e
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
86ead8b89b5f4e968dc2a4631720df2435e2b42d7fbffef9de8b0a6a80351eb9
86fb7ad01280680b5ae10e323082cb5f56ceb451cd1357087d5b5ed24de23b71
8b486a3f406da417453701f5b445babab80450067a607132c330f2ed2b87bb3f
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
9c2dd23cc314c9ba39773b5c0677895d8ccce0e09eb07a3107a59af4e56e3744
a0dfa83ed0755309baa04d4254552531ab1d1bd00d5fb288bf472308c1441b8c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3033dea4fa8d7b6aed0a99d168037da30b5baa448c969bd8a78ee213bbc4906
a5dad0ea44f2d32041bdedb3675d45869ed14ed36b30326f31d59d1daae98adc
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbbb8df4b62e6e881d8e8e4eea03adc4c48fe6e4d94404782a9955d15004509d
bfa51b0b6638439005ae05498e40e9eaa1d594ae24235e8a4048cac31aa7caf9
c227fdcc79722f44353d6871fab848719a1ce0a0f2b3f3049869051472d8ae11
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce053b55704859ff738346254d435eb2e0caa348137533bec24c0dae4fe6c57c
d1f2e3dabbc5994ee54433d1f66cb8a8140146dafece034339b56201ce9df47e
d98f09e1cbdd4465aef2f5209cda87e0030617d8b2ab7a7c87c417b68b8f5ba9
d9bc35dbe1abf239538dec80344465bea851dbabdad61c5208ba6c217bbe6144
da87fe5f0d211f53391640723a6ecb7bb6fbb53145c1f069b6d6dd5c066fae0a
daaf822eed350cffe2d51183952efd5a025023374411c3d1cb276e127d2634e9
f0d7ab1b14b0e994c5de7895010b4dc3428ff5fae3f2a42d34958203dfe0b45e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb6d966c8c8b2a7abd25670e392fe59031440119e6b6e89f7eac4dbd01c1a1dc