www.blackhatrussia.com Open in urlscan Pro
111.90.142.140 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.blackhatrussia.com/469-us-passport-psd-template.html
Submission Tags: falconsandbox
Submission: On March 30 via api (March 30th 2023, 10:16:20 pm UTC) from US — Scanned from DE

Summary HTTP 289 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 26 IPs in 8 countries across 22 domains to perform 289 HTTP transactions. The main IP is 111.90.142.140, located in Kuala Lumpur, Malaysia and belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY. The main domain is www.blackhatrussia.com.
TLS certificate: Issued by R3 on February 14th 2023. Valid for: 3 months.

This is the only time www.blackhatrussia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	111.90.142.140 111.90.142.140	45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
23	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
96	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	162.19.61.80 162.19.61.80	16276 (OVH) (OVH)
4	162.19.58.161 162.19.58.161	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	139.99.46.91 139.99.46.91	16276 (OVH) (OVH)
21	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1 2	95.216.228.15 95.216.228.15	24940 (HETZNER-AS) (HETZNER-AS)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	104.18.36.173 104.18.36.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
14	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
5	2607:f8b0:400... 2607:f8b0:4000:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:8::6	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
289	26

16 111.90.142.140 (Kuala Lumpur, Malaysia)

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: server1.kamon.la

www.blackhatrussia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

96 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.61.80 (France)

ASN16276 (OVH, FR)
PTR: ns3094918.ip-162-19-61.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.58.161 (France)

ASN16276 (OVH, FR)
PTR: ns3096669.ip-162-19-58.eu

preview.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 139.99.46.91 (Singapore)

ASN16276 (OVH, FR)
PTR: 91.ip-139-99-46.eu

cdn.livetrafficfeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
livetrafficfeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.228.15 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.15.228.216.95.clients.your-server.de

static.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.202.105.32 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4000:800::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:8::6 (Ireland)

ASN15169 (GOOGLE, US)

rr1---sn-5hneknee.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 760 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 380	1 MB
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	673 KB
24	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	257 KB
21	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	363 KB
17	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2037 adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	57 KB
17	livetrafficfeed.com cdn.livetrafficfeed.com — Cisco Umbrella Rank: 327215 livetrafficfeed.com — Cisco Umbrella Rank: 279260	31 KB
16	blackhatrussia.com www.blackhatrussia.com	229 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	121 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	7 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	340 KB
7	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 11968 ic.tynt.com — Cisco Umbrella Rank: 7142 de.tynt.com — Cisco Umbrella Rank: 1757	8 KB
4	ibb.co preview.ibb.co — Cisco Umbrella Rank: 454798 image.ibb.co — Cisco Umbrella Rank: 78962	3 MB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7832	696 B
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 13563	2 KB
2	getbutton.io 1 redirects static.getbutton.io — Cisco Umbrella Rank: 39584	93 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	88 KB
1	googlevideo.com rr1---sn-5hneknee.googlevideo.com — Cisco Umbrella Rank: 48026	2 MB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	610 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 13838	183 B
1	waust.at waust.at — Cisco Umbrella Rank: 39598	7 KB
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 19151	19 KB
0	pluso.ru Failed share.pluso.ru Failed
289	22

	Domain	Requested by
90	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
36	tpc.googlesyndication.com	googleads.g.doubleclick.net www.blackhatrussia.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.blackhatrussia.com
16	pagead2.googlesyndication.com	www.blackhatrussia.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
16	www.blackhatrussia.com	www.blackhatrussia.com
14	www.gstatic.com	googleads.g.doubleclick.net
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com www.blackhatrussia.com
14	cdn.livetrafficfeed.com	www.blackhatrussia.com
8	www.facebook.com	connect.facebook.net static.xx.fbcdn.net
8	fonts.googleapis.com	www.blackhatrussia.com googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
5	csi.gstatic.com	www.gstatic.com
5	ic.tynt.com	www.blackhatrussia.com
5	fonts.gstatic.com	fonts.googleapis.com
4	scontent.xx.fbcdn.net	www.facebook.com
3	livetrafficfeed.com	cdn.livetrafficfeed.com www.blackhatrussia.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	t.dtscout.com	waust.at t.dtscout.com
2	static.getbutton.io	1 redirects www.blackhatrussia.com
2	image.ibb.co	www.blackhatrussia.com
2	preview.ibb.co	www.blackhatrussia.com
2	connect.facebook.net	www.blackhatrussia.com connect.facebook.net
1	www.google.com	1 redirects
1	rr1---sn-5hneknee.googlevideo.com	googleads.g.doubleclick.net
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	waust.at
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	whos.amung.us	waust.at
1	waust.at	www.blackhatrussia.com
1	i.postimg.cc	www.blackhatrussia.com
0	share.pluso.ru Failed	www.blackhatrussia.com
289	32

This site contains links to these domains. Also see Links.

Domain
mirrorace.com
www.mirrored.to
multifilemirror.com
www.facebook.com
twitter.com
www.youtube.com
whos.amung.us
livetrafficfeed.com
wa.me

Subject Issuer	Validity	Valid
blackhatrussia.com R3	`2023-02-14` - `2023-05-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-07` - `2023-04-07`	3 months	crt.sh
postimg.cc R3	`2023-02-18` - `2023-05-19`	3 months	crt.sh
ibb.co R3	`2023-02-06` - `2023-05-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-04`	a year	crt.sh
cdn.livetrafficfeed.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-30` - `2023-11-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.dtscout.com GTS CA 1P5	`2023-03-29` - `2023-06-27`	3 months	crt.sh
livetrafficfeed.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-30` - `2023-11-02`	a year	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-03-21` - `2023-05-30`	2 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Frame ID: D055B60A48C2B715B44DDDA1DE97C0A3
Requests: 80 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Frame ID: 1A455A21C021A007E2278AAA411CFEE2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv14.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df10d44ccda749c%2526domain%253Dwww.blackhatrussia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blackhatrussia.com%25252Ff26932b03818e74%2526relation%253Dparent.parent%26container_width%3D360%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblackhatrussiaofficial007%26locale%3Den_GB%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width
Frame ID: 5BE166C5D946C7AD54BE01F45629D73C
Requests: 52 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv14.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df32983bf0449e44%2526domain%253Dwww.blackhatrussia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blackhatrussia.com%25252Ff26932b03818e74%2526relation%253Dparent.parent%26container_width%3D263%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblackhatrussiaofficial007%26locale%3Den_GB%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width
Frame ID: 0B9BC7F7CC17C6EED7BA90EE47567A5D
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&adk=1812271804&adf=3025194257&lmt=1680214571&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=225&bdt=769&idt=57&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8558046592030&frm=20&pv=2&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=523
Frame ID: C026F37BF0E9934B2AE5FB0AC345655F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=450&slotname=6386959814&adk=2385054151&adf=3126712698&pi=t.ma~as.6386959814&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1680214571&rafmt=9&format=750x450&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=3&bdt=768&idt=147&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CgfllgHtHg&p=https%3A//www.blackhatrussia.com&dtd=538
Frame ID: 797EE7FC9D33835017951F42AA917FFE
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553
Frame ID: B573BF2EA8D4E7EFCD1CC2A858F0FE64
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559
Frame ID: ADFA2E8BDD816A2BCB50500B71D03D7B
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5D3A248B2BC0D3B10FA073E2156B9D21
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
Frame ID: AF6A34595A5CCD4DE6C67087FAA56D7F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3F2E77920A30E60FAD96C2957D631EB8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
Frame ID: 414C5E38D058F8D88D669B3B57E6F0B1
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 23ED52B537918C1606DA8B0E40CD7DAE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2AD42B7707B9339D34B02FDE1EA56B2E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js
Frame ID: 8E5F25EAF06D891AC7AF32BDCE7B9ECC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js
Frame ID: 0DF546EA7F379EA7C0D8702C42584EE5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js
Frame ID: 395FF4612A82F3E73FD7A7C8DA9B5992
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js
Frame ID: 2B51EA36CE902A9CF3F51AC0EA6DAC10
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js
Frame ID: A06F4093F44C4D65AA077D837E588013
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js
Frame ID: 8CBDB5C9C3F60D2363BB6503CE941262
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

USA passport PSD Template » learn all kind of hacking

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

289
Requests

99 %
HTTPS

69 %
IPv6

22
Domains

32
Subdomains

26
IPs

8
Countries

8868 kB
Transfer

17988 kB
Size

10
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://mirrorace.com/m/4eDa0
Title: Download Link 1

Search URL Search Domain Scan URL

URL: https://www.mirrored.to/files/108BZDZ4/US_passport_PSD_Template.rar_links
Title: Download Link 2

Search URL Search Domain Scan URL

URL: https://multifilemirror.com/ms3e5odhrpin
Title: Download Link 3

Search URL Search Domain Scan URL

URL: https://www.facebook.com/blackhatrussiaofficial007

Search URL Search Domain Scan URL

URL: https://twitter.com/blackhatrussia0

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCGtC3aSzaFYnh8sQVhT8TKg

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/2jl8c6alqn/
Title: 12

Search URL Search Domain Scan URL

URL: https://livetrafficfeed.com/
Title: Live Traffic Feed

Search URL Search Domain Scan URL

URL: https://livetrafficfeed.com/live/blackhatrussia.com
Title: Real-time

Search URL Search Domain Scan URL

URL: https://livetrafficfeed.com/what-is-my-ip
Title: More Info

Search URL Search Domain Scan URL

URL: http://livetrafficfeed.com/gdpr
Title: Learn more

Search URL Search Domain Scan URL

URL: https://wa.me/79017473945
Title: Message us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://static.getbutton.io/widget-send-button/js/init.js HTTP 302
https://static.getbutton.io/widget/bundle.js

Request Chain 283

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

289 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 469-us-passport-psd-template.html Show response
www.blackhatrussia.com/ 26 KB
7 KB 549ms
213ms Document
text/html 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 4f7efabaf6bb0e21501fea1151384cb6a6c5ab3bfed2dcee1533309d3446339f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 30 Mar 2023 22:16:10 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Mon, 27 May 2019 01:05:23 +0300 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding,User-Agent

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 196ms
84ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd33d9ee68e29c31be3ed545ff30184288b26cfc1778c2e461bf10507d0de07d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48405
x-xss-protection: 0
server: cafe
etag: 17188234195416491464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 22:16:10 GMT

GET
H2 200 jquery.js Show response
www.blackhatrussia.com/engine/classes/js/ 84 KB
29 KB 462ms
460ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/engine/classes/js/jquery.js?v=25
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
last-modified: Fri, 23 Feb 2018 02:00:00 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29175
expires: Thu, 06 Apr 2023 22:16:10 GMT

GET
H2 200 jqueryui.js Show response
www.blackhatrussia.com/engine/classes/js/ 94 KB
26 KB 162ms
156ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/engine/classes/js/jqueryui.js?v=25
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 2f0253a9ee6c26c1c960191a7f349ced5600d94d5fe6e7bfc3dcc9125a963e99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
last-modified: Wed, 31 May 2017 01:00:00 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26066
expires: Thu, 06 Apr 2023 22:16:10 GMT

GET
H2 200 dle_js.js Show response
www.blackhatrussia.com/engine/classes/js/ 32 KB
7 KB 163ms
157ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/engine/classes/js/dle_js.js?v=25
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: bdbca38a6436221f0c4c54f15947bb5ffa4f3df0c69d448a9f14869d3b6b6b40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
last-modified: Mon, 10 Sep 2018 14:43:00 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6752
expires: Thu, 06 Apr 2023 22:16:10 GMT

GET
H2 200 masha.js Show response
www.blackhatrussia.com/engine/classes/masha/ 24 KB
7 KB 167ms
161ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/engine/classes/masha/masha.js?v=25
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 2c996f142c6fbb1ed7630b7fd168b3c75097183bb1b2a237567cbad416c85a09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
last-modified: Thu, 28 Dec 2017 08:05:16 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7518
expires: Thu, 06 Apr 2023 22:16:10 GMT

GET
H2 200 font-awesome.css
www.blackhatrussia.com/templates/NewsHub/css/ 39 KB
7 KB 156ms
154ms Stylesheet
text/css 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/css/font-awesome.css
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
last-modified: Thu, 28 Dec 2017 17:59:38 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7051
expires: Thu, 06 Apr 2023 22:16:10 GMT

GET
H2 200 bootstrap.min.css
www.blackhatrussia.com/templates/NewsHub/css/ 123 KB
18 KB 157ms
156ms Stylesheet
text/css 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/css/bootstrap.min.css
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 2b46b8b2bf6ea470afbe9d4a2343a3e5d7c37774159decfbf0d475bcaeea7f00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
last-modified: Thu, 28 Dec 2017 17:59:38 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18794
expires: Thu, 06 Apr 2023 22:16:10 GMT

GET
H2 200 main.css
www.blackhatrussia.com/templates/NewsHub/css/ 38 KB
6 KB 308ms
307ms Stylesheet
text/css 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/css/main.css
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 931afd0e47554a61b50d49e2aab0102cf6f47ccda0c913f660c06bf50abacc62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
last-modified: Sun, 23 Oct 2022 13:33:28 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6299
expires: Thu, 06 Apr 2023 22:16:10 GMT

GET
H2 200 engine.css
www.blackhatrussia.com/templates/NewsHub/css/ 58 KB
20 KB 309ms
308ms Stylesheet
text/css 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/css/engine.css
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: d3c42ad0fea264e8eacd4c38c8a87d9a9e2c8c822a2b57431f40cd531a1b7698

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
last-modified: Sat, 14 Mar 2020 10:02:54 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20898
expires: Thu, 06 Apr 2023 22:16:10 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 54ms
11ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

adaae52977c0a55d01a5772bb1caa16a172a993744e11426bb2e21d7c1b54627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.blackhatrussia.com/
Origin: https://www.blackhatrussia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Mar 2023 22:16:10 GMT
content-md5: Yv5V0GDixhn8s9SfSoGUlw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: UpSiuWQeGhNm3NiUHfzziXLWInH9FYUsu8+B8wXifmzhErtcL+X3kjl41aIjVmz+IdSITKteP6+D5QZI8Uo6oQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: c299a59d86872a1bb335badb16eca11a
cross-origin-opener-policy: same-origin-allow-popups
etag: "c2d04946f85833df0590dcafbac254dc"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 30 Mar 2023 22:34:40 GMT

GET
H2 200 logo.png
i.postimg.cc/g0mV3XLg/ 19 KB
19 KB 114ms
33ms Image
image/png 162.19.61.80
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/g0mV3XLg/logo.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.61.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3094918.ip-162-19-61.eu
Software: nginx /
Resource Hash: 0587f0dd4df7fdddf5d4c8187c0e4e21477d031f6742c13aeaea2aa241d246ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
last-modified: Tue, 22 Dec 2020 16:06:09 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 19534
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 noavatar.png
www.blackhatrussia.com/templates/NewsHub/dleimages/ 572 B
644 B 168ms
164ms Image
image/png 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blackhatrussia.com/templates/NewsHub/dleimages/noavatar.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: f99a2c60ac365f5cebd3b520372c07dac909708e0fb5f8848a0a967c7fc0b98e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
last-modified: Wed, 27 Dec 2017 19:53:30 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 572
expires: Thu, 06 Apr 2023 22:16:10 GMT

GET
H2 200 Screenshot_1.png
preview.ibb.co/j3tGh7/ 495 KB
496 KB 225ms
55ms Image
image/png 162.19.58.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preview.ibb.co/j3tGh7/Screenshot_1.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096669.ip-162-19-58.eu
Software: nginx /
Resource Hash: c6db5c878629f1ac4c1d69e70b6e72aae966fb18ca5dce36ed0fade2d4b82cbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
last-modified: Sat, 24 Mar 2018 02:03:18 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 507194
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 173ms
85ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3926942378526699

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e5ae7ffdb04da0702ddbed2450aee6354063117f23743c4abdfbe73f4494d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Origin: https://www.blackhatrussia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48393
x-xss-protection: 0
server: cafe
etag: 4737147041125168925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 22:16:10 GMT

GET
H2 200 Screenshot_2.png
preview.ibb.co/cfiTjn/ 272 KB
272 KB 234ms
65ms Image
image/png 162.19.58.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preview.ibb.co/cfiTjn/Screenshot_2.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096669.ip-162-19-58.eu
Software: nginx /
Resource Hash: 0dfd31a339e8dfacd9ea6fe4512835780a925e0b2d483caf11ecde1a3edd775c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
last-modified: Tue, 27 Mar 2018 11:33:02 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 278181
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screenshot_1.png
image.ibb.co/i0PpCx/ 1 MB
1 MB 103ms
41ms Image
image/png 162.19.58.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ibb.co/i0PpCx/Screenshot_1.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096669.ip-162-19-58.eu
Software: nginx /
Resource Hash: ecd98f11dc0c69bde1108e7293a14fa6cb157ac0c7e563b2a192a141d013bf5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
last-modified: Tue, 20 Mar 2018 05:06:26 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1116697
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screenshot_6.png
image.ibb.co/mD9xXx/ 1 MB
1 MB 122ms
61ms Image
image/png 162.19.58.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ibb.co/mD9xXx/Screenshot_6.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096669.ip-162-19-58.eu
Software: nginx /
Resource Hash: ff6827d4444bb6a00e4ee00770fcc3d8ff6b5c88a9e19997933e5b4ac4a35a45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
last-modified: Tue, 20 Mar 2018 04:01:42 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1349805
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d.js Show response
waust.at/ 14 KB
7 KB 68ms
20ms Script
application/x-javascript 2606:4700:20::681a:407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1757
etag: W/"63c04119-3972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vncAtrnNI%2B1p7pgxLFjONKKCzDgStX00FJPgfJfPUhfh0x9JZJRsFZRl07aGUhIffAiuDd4Bcd5Mr9iN1RWheZAyV8cHbDXTPojvf64JxNsqQAaQwCVLjarTe2kU5E5DOKM4F%2Bee"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7b03b72bdfe89066-FRA
expires: Fri, 31 Mar 2023 21:46:53 GMT

GET
H2 200 live.js Show response
cdn.livetrafficfeed.com/static/v4/ 48 KB
18 KB 530ms
168ms Script
application/javascript 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livetrafficfeed.com/static/v4/live.js
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: 951b58813238f111504a062d1a972cb5de213779305db63a3dd64d8c33f2a5ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 22:09:11 GMT
server: Nginx
etag: W/"64260887-beb9"
x-powered-by: VPSSIM
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
expires: Sat, 29 Apr 2023 22:16:11 GMT

GET
H2 200 bootstrap.js Show response
www.blackhatrussia.com/templates/NewsHub/js/ 70 KB
13 KB 155ms
154ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/js/bootstrap.js
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 8c34c37291ee6d38191ac0a84ef1aedde856af334a96245759d0482912edb067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
last-modified: Thu, 28 Dec 2017 17:59:32 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13672
expires: Thu, 06 Apr 2023 22:16:10 GMT

GET
H2 200 owl.carousel.min.js Show response
www.blackhatrussia.com/templates/NewsHub/js/ 39 KB
10 KB 159ms
153ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/js/owl.carousel.min.js
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: e04e2b4e27ae9881b1e161954cc00ba16c8c3a0ce73a179824756353efd6c481

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
last-modified: Thu, 28 Dec 2017 17:59:32 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10325
expires: Thu, 06 Apr 2023 22:16:10 GMT

GET
H2 200 main.js Show response
www.blackhatrussia.com/templates/NewsHub/js/ 3 KB
736 B 162ms
156ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/js/main.js
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 4c444545c886a942c71cda6fac3897448c6c6509593ab8a4792856ea2818aef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
last-modified: Thu, 21 Mar 2019 17:45:42 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 680
expires: Thu, 06 Apr 2023 22:16:10 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/ 350 KB
117 KB 112ms
109ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3926942378526699&plah=www.blackhatrussia.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07f6582468ba8cafbb777c34e77502d0dfe8e42fa4f7cd6a984b1c2ab8e389ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119850
x-xss-protection: 0
server: cafe
etag: 15202780475335583616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 22:16:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/ Frame 1A45 10 KB
5 KB 142ms
37ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 00:11:06 GMT
etag: 2378337311435320485
expires: Thu, 13 Apr 2023 00:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 172ms
52ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:400,700&subset=cyrillic

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/templates/NewsHub/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3da48afbe47fc124def22b7f1998aaf96a0d8d5d5652232fdd545cd550135794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 22:16:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 22:16:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 22:16:10 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 301 KB
85 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=b79132435a74c38d1351d35d21f81bb7

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bbd34a8dfb91f71af541deeaa19d5ddcc07b84af7218bd01f1b1faadc3547afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.blackhatrussia.com/
Origin: https://www.blackhatrussia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Mar 2023 22:16:10 GMT
content-md5: oNz2E2SW2OigVMAKu0UnMg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87118
x-fb-rlafr: 0
x-fb-debug: MhSAacT0kt1+YVAgfV+cQ/RK5WfVfOrnJMHVd6BEMZn4qInJadXQgGdxHuIPCtcrLScLVsh5xk2AQ2+49ao7AQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: c277f370f2ec798f610d7c867c6dab3e
cross-origin-opener-policy: same-origin-allow-popups
etag: "eefb5e9ff6abbf00eb2771054e68ad6e"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 29 Mar 2024 20:49:31 GMT

GET
H/1.1

200
OK

bundle.js Show response
static.getbutton.io/widget/
Redirect Chain

https://static.getbutton.io/widget-send-button/js/init.js
https://static.getbutton.io/widget/bundle.js

297 KB
93 KB

70ms
70ms

Script
application/javascript

95.216.228.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getbutton.io/widget/bundle.js
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: HTTP/1.1
Server: 95.216.228.15 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.15.228.216.95.clients.your-server.de
Software: nginx/1.16.0 /
Resource Hash: dc1cbdbbb3abee25ba8741382fd3ce4304a660502b8b03e83ef8dc9514e1ef66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 22:16:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2023 10:29:46 GMT
Server: nginx/1.16.0
ETag: W/"6425649a-4a567"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: keep-alive
Expires: Fri, 31 Mar 2023 01:16:11 GMT

Redirect headers

Location: https://static.getbutton.io/widget/bundle.js
Date: Thu, 30 Mar 2023 22:16:11 GMT
Server: nginx/1.16.0
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ 18 KB
18 KB 116ms
36ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.blackhatrussia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:37:42 GMT
x-content-type-options: nosniff
age: 49109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18260
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:37:42 GMT

GET
H2 200 fontawesome-webfont.woff2
www.blackhatrussia.com/templates/NewsHub/fonts/ 75 KB
75 KB 156ms
155ms Font
font/woff2 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/templates/NewsHub/css/font-awesome.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.blackhatrussia.com/templates/NewsHub/css/font-awesome.css
Origin: https://www.blackhatrussia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
last-modified: Thu, 22 Dec 2016 14:50:34 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 77160
expires: Thu, 06 Apr 2023 22:16:11 GMT

GET
H2 200 ca-pub-3926942378526699 Show response
fundingchoicesmessages.google.com/i/ 133 KB
45 KB 162ms
70ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3926942378526699?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3926942378526699&plah=www.blackhatrussia.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c879ad879a4b2251a2944326949ef9eb289c6607182db160e057686cae5614ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kg4R7yz1sT_-2cV3g_7uTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-Kg4R7yz1sT_-2cV3g_7uTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET pluso-like.js
share.pluso.ru/ 0
0

GET
H2 200 / Show response
t.dtscout.com/i/ 2 KB
2 KB 86ms
24ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&j=
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
x-t: 0.638
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8o97YKaWPiGN87MMnLMA4S73QUVsnLPdvbQf2263%2BuOPw3bGqf6620MaRuSJTE5It0JvGyI3YyKodTaobQK6hVRBB5mv%2FwHpqb0WdpjA855JiqUKcbPFcxCeUP3JFM0qINZwOM01y4r57pk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 7b03b72f9a643819-FRA
expires: Thu, 30 Mar 2023 22:16:10 GMT

GET
H2 200 marker.png
www.blackhatrussia.com/templates/NewsHub/dleimages/ 1 KB
1 KB 155ms
153ms Image
image/png 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blackhatrussia.com/templates/NewsHub/dleimages/marker.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/templates/NewsHub/css/engine.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: f4d00d2b1105c2e78c8ce501c375b86d495e86d5451ea08b439ad0b9270d3ab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/templates/NewsHub/css/engine.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
last-modified: Thu, 07 Sep 2017 22:23:28 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1050
expires: Thu, 06 Apr 2023 22:16:11 GMT

GET
H2 200 page.php Show response
www.facebook.com/v14.0/plugins/ Frame 5BE1 46 KB
15 KB 119ms
78ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=b79132435a74c38d1351d35d21f81bb7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

898f696a3e7eab0e49c8d43b664a09446fd55ac04d9a9ddf26f2d7d2f24daa53

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 22:16:11 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: jEglCo3ETyeqmVBR1vSVudAvpwO4UtmYVl421auZ2lD3BGvDDS1366fOzfsGdpbzcRoWtvmi78ZjCVa+PfxXTg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 page.php Show response
www.facebook.com/v14.0/plugins/ Frame 0B9B 45 KB
16 KB 92ms
71ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32983bf0449e44%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=b79132435a74c38d1351d35d21f81bb7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

044cb3ef39228f5d050dad399bc4a8aff808e0a116c0e8d12b5b327fd588c46b

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 22:16:11 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: u+TROPwGpHX6joS7+OooWQCnzO2hV/mQ2+sJceER+tnIQY1B86dFrWZumCzm0hpnCXFhuHTCJ52AlROADXl7zA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 jquery.js Show response
livetrafficfeed.com/static/v5/ 2 KB
1 KB 672ms
256ms Script
application/javascript 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://livetrafficfeed.com/static/v5/jquery.js?ranid=bEbPAvucVKZ8yIP6gEUTTc5SHSexBawTxGDwE0SE3v34QJwcxM&cookie_id=&link=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&clientwidth=1600&clientheight=1200&num=10&title=USA%20passport%20PSD%20Template%20%C2%BB%20learn%20all%20kind%20of%20hack&referrer=&timezone=America%2FNew_York&root=0

Requested by

Host: cdn.livetrafficfeed.com
URL: https://cdn.livetrafficfeed.com/static/v4/live.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.99.46.91 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

91.ip-139-99-46.eu

Software

Nginx / VPSSIM

Resource Hash

a07a10727b1d53370fa0b010bbd7169e9863f4004f316860f1709850d01434ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: Nginx
x-powered-by: VPSSIM
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 29 B
183 B 193ms
130ms Script
text/javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=2jl8c6alqn&t=USA%20passport%20PSD%20Template%20%C2%BB%20learn%20all%20kind%20of%20hacking&c=d&x=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&y=&a=0&v=27&r=7880
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c7325ce8f082a3df083366cfbd688ccbebaed2622f78ad984626c46ada9a257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b03b73008472c6b-FRA
content-type: text/javascript;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
610 B 143ms
57ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.blackhatrussia.com&callback=_gfp_s_&client=ca-pub-3926942378526699

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74633628b7f06429e99ada7855364b8d73bd75d64f9a2bfa0d3eb94849e6e376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 228ms
67ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.blackhatrussia.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 217ms
87ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.blackhatrussia.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C026 574 KB
102 KB 608ms
607ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&adk=1812271804&adf=3025194257&lmt=1680214571&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=225&bdt=769&idt=57&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8558046592030&frm=20&pv=2&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=523

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ad08f0af0cb54899a7473514ca9d32f4035fc654772143b7b45939a9b9f243d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 104368
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 22:16:12 GMT
expires: Thu, 30 Mar 2023 22:16:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 797E 84 KB
24 KB 449ms
448ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=450&slotname=6386959814&adk=2385054151&adf=3126712698&pi=t.ma~as.6386959814&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1680214571&rafmt=9&format=750x450&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=3&bdt=768&idt=147&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CgfllgHtHg&p=https%3A//www.blackhatrussia.com&dtd=538

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55c4c97850e4070fbe92a8b49231c4dbc2f35ba7198de0133f8fac1234480878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 24213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 22:16:12 GMT
expires: Thu, 30 Mar 2023 22:16:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B573 122 KB
38 KB 815ms
814ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887f1bb7e66d195d7a8cc5dfd2b45ba6e773e3c56e436357a348af6795e988b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38277
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 22:16:12 GMT
expires: Thu, 30 Mar 2023 22:16:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ADFA 90 KB
32 KB 701ms
701ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa77f6a55fa061f318809c4c7e1afe06279914657199e902a762c000c8db2a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32654
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 22:16:12 GMT
expires: Thu, 30 Mar 2023 22:16:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXfi8IjESm04vn-xOTGie3oYvwQgRYrXTSfeVXt2KklFXyFNYTvm8ChF5BT-gzevCt3eSRxM1N7HY-jHEPfU3M= Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 81ms
79ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXfi8IjESm04vn-xOTGie3oYvwQgRYrXTSfeVXt2KklFXyFNYTvm8ChF5BT-gzevCt3eSRxM1N7HY-jHEPfU3M=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgwMjE0NTcxLDY2MDAwMDAwMF0sIjk0Qjc0MUI2LUE3QjUtNDE3My1CRTg4LUQ2QTVFN0RCQTg4MCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LmJsYWNraGF0cnVzc2lhLmNvbS80NjktdXMtcGFzc3BvcnQtcHNkLXRlbXBsYXRlLmh0bWwiLG51bGwsW1s4LCJVRVJsdFo3T2Z5MCJdLFs5LCJkZSJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UERltZ7Ofy0.es5.O/d=1/rs=AJlcJMx-xFh9WYmTs70sPwdyKrJc0STrVw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11a81c56b9e98e26e4c843bba5af919bcc161d4b04304690a92cef5e356a37a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F6SOEwGA5Pr5SJ3kQb1Whw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-F6SOEwGA5Pr5SJ3kQb1Whw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 oo7wYxNobA4.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ Frame 0B9B 20 KB
5 KB 38ms
10ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/oo7wYxNobA4.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32983bf0449e44%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

413710259178ac9f46d913b694ec5ad8bed16cf315726f9198cd0ec6e90ceb4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fmZSZqUpZXU0sii4s86o3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5215
x-fb-rlafr: 0
x-fb-debug: LqxpEwOjHcm/otinthWUaCxZsU4F9qz7fZ8LRWWGEmjGTaeQVbaObYEhPwF5bOx20gtcB7f97TflFP15jAW+Dw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 17:46:25 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 0B9B 2 KB
1 KB 36ms
8ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: uIq2VocdMGxgdB73MHIjpXkSI7bQkfCCqNpGHWneNx05NO71/EyP+txqs/d/52f5zo1ArooNvciauj3NfrOR9g==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 25 Mar 2024 08:55:01 GMT

GET
H2 200 GjqmzZYOHmI.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ Frame 0B9B 300 KB
79 KB 39ms
11ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

25e85c88c08c030a0dce3220306f618f022c39684fb3f1527b90069fee77faae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7SlfwVRHqF2Y2M2TDRrOjw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81142
x-fb-rlafr: 0
x-fb-debug: pKNK/s2ydPqdfekB1gELSZK/1V7K4hZugSSyinQ0elw4TfyKkARFCy8kjd1EqSR3ZlrEA8RvaWk8JhOMTQhWuQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 17:10:18 GMT

GET
H2 200 aT5hm4CBE4u.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame 0B9B 6 KB
2 KB 37ms
11ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/aT5hm4CBE4u.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aed0a61267a42ae3d4aeab50c39b2c372066d404de5d6219bbc28ef3cc2f04e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gFhjLabXZcw8BmZdlxsjBA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1913
x-fb-rlafr: 0
x-fb-debug: Dwye65nWwlptJbaDBiQNf+IH2TRpTwJ9GRGhVapu6Namp04L+UDJdmxNpjv7vIgim5h+96eUnQzEudtGtwciXA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 28 Mar 2024 18:25:14 GMT

GET
H2 200 VmyM6aBzl18.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame 0B9B 39 KB
12 KB 67ms
40ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/VmyM6aBzl18.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99512739ca169911014a9d54e0ba81f6bca9928404890c2d5c1b824eaaa7caee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: v7/tOCtOLJrNEj+fXC+HPQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12471
x-fb-rlafr: 0
x-fb-debug: xK5Nq3BQJ+Pf6DSFHwc4g/KQzH9xF3UYEpMUhNP6zTYBG7SuzMsvktfO0xM7VpvY6S15/MhXF1jyceKiCfWZKA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 01:03:46 GMT

GET
H2 200 XsuPnKMviIR.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 0B9B 52 KB
16 KB 37ms
11ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/XsuPnKMviIR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eefbb91e14034edeff586b1ad5e0f866a0cc3d084aca7380e2725056ec9e2924

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: f/giPoLB0LjKBxJFZccXXg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16433
x-fb-rlafr: 0
x-fb-debug: Tm4PuR9sbJJtvK769B7UlEe+K7iK88ft1PGfDtYSsNTdM0cAdRfK4T7XZ5YjN0a2KzT8KPGckfezyjpTFT7cww==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 05:38:27 GMT

GET
H2 200 KCEpDoVMNUU.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/y3/l/en_GB/ Frame 0B9B 19 KB
6 KB 64ms
38ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/y3/l/en_GB/KCEpDoVMNUU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e41d33405980997e712db2dcf8d13e2315abdb04aaf1e91b6309266716a5a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wt5bizar95D1Gg5fBurG4A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5553
x-fb-rlafr: 0
x-fb-debug: 6goY4M+TWNXZxitrjKmZbms6QEPPSv5kfso2xxAruiUHdRdCrr7rvFEVnIjiPTSFdo4yxjMQtNE1ALpR3o7elA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 17:53:51 GMT

GET
H2 200 ojoHf9ItJgz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 0B9B 13 KB
5 KB 37ms
12ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/ojoHf9ItJgz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa110663d6600fd847987ed2d5046deea4e65e27183e20c76a12d56206c86a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uEx2jrC6dV45WuFXvcdqqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4628
x-fb-rlafr: 0
x-fb-debug: 0o2OEZnJXHBleSVNRl5WjHLmcH4OC1AyPH9SQFFNvnYr+Mb3qDgmpeC0dc9W/CUyUQV3Tzbzdd10NHYcFIdspA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 28 Mar 2024 18:25:15 GMT

GET
H2 200 P5-SpoV3UhR.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 0B9B 57 KB
16 KB 37ms
12ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/P5-SpoV3UhR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0124bb3b0954666fee1c11c8c4ca8e18cc6586be4be1667e30b5277618c9c5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZstGoWzLUZsqWuXng/weGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16462
x-fb-rlafr: 0
x-fb-debug: I8N/+2rB1rrVBqZQWrrGgEyqTCxJu2dfC5Kasv5USw0oiKYuI5umOKlZYj9gmEb/rm+ZXO8+Jpu04YnLhrwGNw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 17:46:25 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 0B9B 507 B
490 B 153ms
128ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: 1TbM4q36txH+ykNNgZ+FXwqQe3pSp0JSBx19KTf+soO+fXzObIHNFhkmO4FRN/k+GFNanYAPoRxfSBMxdFsCLA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 28 Mar 2024 17:41:55 GMT

GET
H2 200 pAi1DIUmQXz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 0B9B 188 KB
54 KB 154ms
129ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/pAi1DIUmQXz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9343760a10e3464db1af7be0cc0b7c620183c25f03ef1abb9b4fcd8263de928d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sqMrpwgB/YRvSE/MpyhF1g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 55475
x-fb-rlafr: 0
x-fb-debug: bM1dtQODdsw7iKoGdQqXgJ9j/Rpt5FvwrtKeFm6pKrPGRzHUfRd903KJ4f7UjfJX6aXO2fLBrUQ/kZu5A0kb4Q==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 18:56:40 GMT

GET
H2 200 UIbhq_otiob.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/ Frame 0B9B 70 KB
21 KB 64ms
39ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e137b703d3b95300c7e6e02ecd911eb480291a018794e40d0e5443dbd23e6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3oOhtKqZMFlIo76hdsg2Fw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20902
x-fb-rlafr: 0
x-fb-debug: 3Vc4NmY0j4KLxbucVcIPD0UAqqS3AcXlhRXFTU5neqqxCOxGNanqLFTJCWRFyGjWjAcphgW4KcQ+GdGCOphqdQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Mar 2024 09:49:30 GMT

GET
H2 200 Wtl6tMxz2hH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 0B9B 27 KB
9 KB 142ms
130ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/Wtl6tMxz2hH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2429dfbe741449bf01449b46bbf212b18f464038995e771ca9a4bb1e0925610

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zreoT9hZjaMMYMRJ1AEzzg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8978
x-fb-rlafr: 0
x-fb-debug: XY6Q82LtWPy2wuVJHL8mIgZ4LfDDczWOHlYcpOf5IZ9t50ieh8eniG3Dwb8hX+v1Z/OGlt73/n8q4TErlawSQA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 17:29:21 GMT

GET
H2 200 PS3kRnW0pjD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 0B9B 6 KB
2 KB 139ms
127ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/PS3kRnW0pjD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce405aa0f160ca48de86d34b5c16333780a268b9fd7ca1c0df7ca3601a3b8f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RJ2ssYIeBpYmMzuuZi7r+w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2080
x-fb-rlafr: 0
x-fb-debug: 1PGIZWUPGNPPGFFWKj1SAApbppnmy/SIXkDrtFIw0KjgyKzQWk3d4PbsIGyER/n7hOP5HxyimTYy6ipC2UxtSw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 09:32:18 GMT

GET
H2 200 296798315_102390382585555_8847597571544116058_n.png
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 0B9B 9 KB
9 KB 53ms
24ms Image
image/png 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/296798315_102390382585555_8847597571544116058_n.png?stp=dst-png_s280x280&_nc_cat=111&ccb=1-7&_nc_sid=dd9801&_nc_ohc=rkvovrjWmsYAX_j7-w8&_nc_ht=scontent.xx&edm=AGeEj18EAAAA&oh=00_AfBGcFBVCOzqVeMp4pxQhh7VId46cGJlnC1bzZDTG1tpNg&oe=642A36B3
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32983bf0449e44%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d83f8be07f0b015b347a491c8429eea4bdedc305e983a2a4118e8f1a09631957

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-haystack-needlechecksum: 960172941
date: Thu, 30 Mar 2023 22:16:11 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 09 Aug 2022 05:18:04 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=351520299
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1502943839
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 9124

GET
H2 200 296972867_102389962585597_3932758871658506365_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 0B9B 1 KB
2 KB 45ms
16ms Image
image/jpeg 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/296972867_102389962585597_3932758871658506365_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=SEgbCJqstcUAX_Zs7t2&_nc_ht=scontent.xx&edm=AGeEj18EAAAA&oh=00_AfDs4ESs-pCEn4ivvBmkyPZg2_uoPohADOXbEsF-hh9y_w&oe=642BDDE0
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32983bf0449e44%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0af14c8c1c4106987297a09656d22bd9c5806b53a1d734e834442165b01c17f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-haystack-needlechecksum: 2987367722
date: Thu, 30 Mar 2023 22:16:11 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 09 Aug 2022 05:17:09 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=150261592
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 120161036
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1455

GET
H2 200 oo7wYxNobA4.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ Frame 5BE1 20 KB
5 KB 22ms
10ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/oo7wYxNobA4.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

413710259178ac9f46d913b694ec5ad8bed16cf315726f9198cd0ec6e90ceb4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fmZSZqUpZXU0sii4s86o3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5215
x-fb-rlafr: 0
x-fb-debug: LqxpEwOjHcm/otinthWUaCxZsU4F9qz7fZ8LRWWGEmjGTaeQVbaObYEhPwF5bOx20gtcB7f97TflFP15jAW+Dw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 17:46:25 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 5BE1 2 KB
980 B 20ms
9ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: uIq2VocdMGxgdB73MHIjpXkSI7bQkfCCqNpGHWneNx05NO71/EyP+txqs/d/52f5zo1ArooNvciauj3NfrOR9g==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 25 Mar 2024 08:55:01 GMT

GET
H2 200 GjqmzZYOHmI.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ Frame 5BE1 300 KB
79 KB 51ms
42ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

25e85c88c08c030a0dce3220306f618f022c39684fb3f1527b90069fee77faae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7SlfwVRHqF2Y2M2TDRrOjw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81142
x-fb-rlafr: 0
x-fb-debug: pKNK/s2ydPqdfekB1gELSZK/1V7K4hZugSSyinQ0elw4TfyKkARFCy8kjd1EqSR3ZlrEA8RvaWk8JhOMTQhWuQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 17:10:18 GMT

GET
H2 200 aT5hm4CBE4u.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame 5BE1 6 KB
2 KB 51ms
42ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/aT5hm4CBE4u.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aed0a61267a42ae3d4aeab50c39b2c372066d404de5d6219bbc28ef3cc2f04e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gFhjLabXZcw8BmZdlxsjBA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1913
x-fb-rlafr: 0
x-fb-debug: Dwye65nWwlptJbaDBiQNf+IH2TRpTwJ9GRGhVapu6Namp04L+UDJdmxNpjv7vIgim5h+96eUnQzEudtGtwciXA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 28 Mar 2024 18:25:14 GMT

GET
H2 200 VmyM6aBzl18.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame 5BE1 39 KB
12 KB 49ms
40ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/VmyM6aBzl18.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99512739ca169911014a9d54e0ba81f6bca9928404890c2d5c1b824eaaa7caee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: v7/tOCtOLJrNEj+fXC+HPQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12471
x-fb-rlafr: 0
x-fb-debug: xK5Nq3BQJ+Pf6DSFHwc4g/KQzH9xF3UYEpMUhNP6zTYBG7SuzMsvktfO0xM7VpvY6S15/MhXF1jyceKiCfWZKA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 01:03:46 GMT

GET
H2 200 XsuPnKMviIR.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 5BE1 52 KB
16 KB 50ms
41ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/XsuPnKMviIR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eefbb91e14034edeff586b1ad5e0f866a0cc3d084aca7380e2725056ec9e2924

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: f/giPoLB0LjKBxJFZccXXg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16433
x-fb-rlafr: 0
x-fb-debug: Tm4PuR9sbJJtvK769B7UlEe+K7iK88ft1PGfDtYSsNTdM0cAdRfK4T7XZ5YjN0a2KzT8KPGckfezyjpTFT7cww==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 05:38:27 GMT

GET
H2 200 KCEpDoVMNUU.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/y3/l/en_GB/ Frame 5BE1 19 KB
6 KB 140ms
132ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/y3/l/en_GB/KCEpDoVMNUU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e41d33405980997e712db2dcf8d13e2315abdb04aaf1e91b6309266716a5a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wt5bizar95D1Gg5fBurG4A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5553
x-fb-rlafr: 0
x-fb-debug: 6goY4M+TWNXZxitrjKmZbms6QEPPSv5kfso2xxAruiUHdRdCrr7rvFEVnIjiPTSFdo4yxjMQtNE1ALpR3o7elA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 17:53:51 GMT

GET
H2 200 ojoHf9ItJgz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 5BE1 13 KB
5 KB 50ms
41ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/ojoHf9ItJgz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa110663d6600fd847987ed2d5046deea4e65e27183e20c76a12d56206c86a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uEx2jrC6dV45WuFXvcdqqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4628
x-fb-rlafr: 0
x-fb-debug: 0o2OEZnJXHBleSVNRl5WjHLmcH4OC1AyPH9SQFFNvnYr+Mb3qDgmpeC0dc9W/CUyUQV3Tzbzdd10NHYcFIdspA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 28 Mar 2024 18:25:15 GMT

GET
H2 200 P5-SpoV3UhR.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 5BE1 57 KB
16 KB 50ms
42ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/P5-SpoV3UhR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0124bb3b0954666fee1c11c8c4ca8e18cc6586be4be1667e30b5277618c9c5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZstGoWzLUZsqWuXng/weGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16462
x-fb-rlafr: 0
x-fb-debug: I8N/+2rB1rrVBqZQWrrGgEyqTCxJu2dfC5Kasv5USw0oiKYuI5umOKlZYj9gmEb/rm+ZXO8+Jpu04YnLhrwGNw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 17:46:25 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 5BE1 507 B
445 B 137ms
129ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: 1TbM4q36txH+ykNNgZ+FXwqQe3pSp0JSBx19KTf+soO+fXzObIHNFhkmO4FRN/k+GFNanYAPoRxfSBMxdFsCLA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 28 Mar 2024 17:41:55 GMT

GET
H2 200 pAi1DIUmQXz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 5BE1 188 KB
54 KB 137ms
130ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/pAi1DIUmQXz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9343760a10e3464db1af7be0cc0b7c620183c25f03ef1abb9b4fcd8263de928d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sqMrpwgB/YRvSE/MpyhF1g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 55475
x-fb-rlafr: 0
x-fb-debug: bM1dtQODdsw7iKoGdQqXgJ9j/Rpt5FvwrtKeFm6pKrPGRzHUfRd903KJ4f7UjfJX6aXO2fLBrUQ/kZu5A0kb4Q==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 18:56:40 GMT

GET
H2 200 UIbhq_otiob.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/ Frame 5BE1 70 KB
21 KB 47ms
39ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e137b703d3b95300c7e6e02ecd911eb480291a018794e40d0e5443dbd23e6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3oOhtKqZMFlIo76hdsg2Fw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20902
x-fb-rlafr: 0
x-fb-debug: 3Vc4NmY0j4KLxbucVcIPD0UAqqS3AcXlhRXFTU5neqqxCOxGNanqLFTJCWRFyGjWjAcphgW4KcQ+GdGCOphqdQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Mar 2024 09:49:30 GMT

GET
H2 200 Wtl6tMxz2hH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 5BE1 27 KB
9 KB 138ms
131ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/Wtl6tMxz2hH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2429dfbe741449bf01449b46bbf212b18f464038995e771ca9a4bb1e0925610

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zreoT9hZjaMMYMRJ1AEzzg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8978
x-fb-rlafr: 0
x-fb-debug: XY6Q82LtWPy2wuVJHL8mIgZ4LfDDczWOHlYcpOf5IZ9t50ieh8eniG3Dwb8hX+v1Z/OGlt73/n8q4TErlawSQA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 17:29:21 GMT

GET
H2 200 PS3kRnW0pjD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 5BE1 6 KB
2 KB 134ms
127ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/PS3kRnW0pjD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce405aa0f160ca48de86d34b5c16333780a268b9fd7ca1c0df7ca3601a3b8f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RJ2ssYIeBpYmMzuuZi7r+w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2080
x-fb-rlafr: 0
x-fb-debug: 1PGIZWUPGNPPGFFWKj1SAApbppnmy/SIXkDrtFIw0KjgyKzQWk3d4PbsIGyER/n7hOP5HxyimTYy6ipC2UxtSw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Mar 2024 09:32:18 GMT

GET
H2 200 296798315_102390382585555_8847597571544116058_n.png
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 5BE1 13 KB
13 KB 44ms
17ms Image
image/png 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/296798315_102390382585555_8847597571544116058_n.png?stp=dst-png_s350x350&_nc_cat=111&ccb=1-7&_nc_sid=dd9801&_nc_ohc=rkvovrjWmsYAX_j7-w8&_nc_ht=scontent.xx&edm=AGeEj18EAAAA&oh=00_AfCWtAEAhDNdVWTev5xvyeGIpTMjmPgoXHp_0Sx9uUXbHw&oe=642A36B3
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 22c55af9e1447d0b4e3cb9c8b94c21a2750715ada4ff59c1cd86ef7f9d81c890

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-haystack-needlechecksum: 960172941
date: Thu, 30 Mar 2023 22:16:11 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 09 Aug 2022 05:18:04 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=2861381488
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1502943839
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 13111

GET
H2 200 296972867_102389962585597_3932758871658506365_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 5BE1 1 KB
1 KB 14ms
13ms Image
image/jpeg 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/296972867_102389962585597_3932758871658506365_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=SEgbCJqstcUAX_Zs7t2&_nc_ht=scontent.xx&edm=AGeEj18EAAAA&oh=00_AfDs4ESs-pCEn4ivvBmkyPZg2_uoPohADOXbEsF-hh9y_w&oe=642BDDE0
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0af14c8c1c4106987297a09656d22bd9c5806b53a1d734e834442165b01c17f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-haystack-needlechecksum: 2987367722
date: Thu, 30 Mar 2023 22:16:11 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 09 Aug 2022 05:17:09 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=150261592
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 120161036
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1455

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
349 B 82ms
81ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=blackhatrussia.com&_ss=6ejqa9ios3&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=4yxu&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d279a6d329eebf6436d8998c9612d242a49c0f0bc1c07dbd21c051f0fb37e96a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
x-t: 0.134
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJK5KTat595S1rTF%2F3THAZKlLjl5TP%2FhHP2ElIfEMrnR9wtTKWRuZtlsODxrUUE0NeerkXjO%2BCwBG0t9trV%2B5EVAuFpW9MKr1TuPQ%2F2SMYU6AvWjG%2BWl%2BnGt1qGUDO52zzYX1Ao8vFfjYMk%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 7b03b7315c3d3819-FRA
expires: Thu, 30 Mar 2023 22:16:10 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 18 KB
7 KB 180ms
26ms Script
application/javascript 104.18.36.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 15:48:05 GMT
server: cloudflare
age: 109660
etag: W/"64109735-4750"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7b03b7324864bc03-FRA
expires: Sun, 02 Apr 2023 22:16:11 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 AGSKWxVP8fhBXty-qVj0Alqp7pOJLm-GyKLzKfQvAb5v2NaIk2CJS6TBgpq37mA3YBQCsm5x6ovlm-19HTXfqxFWy8o= Show response
fundingchoicesmessages.google.com/el/ 0
29 B 139ms
56ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVP8fhBXty-qVj0Alqp7pOJLm-GyKLzKfQvAb5v2NaIk2CJS6TBgpq37mA3YBQCsm5x6ovlm-19HTXfqxFWy8o=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G3y4nUbPhgR1zNFVNcgH3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G3y4nUbPhgR1zNFVNcgH3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.blackhatrussia.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXXTCrY56xs9SW_zZ3x1CJgw2Vc6J0b-rzAzmgD331_CJDdSK3J38DH_bWD5_9gJx29Hbyp3at3e-lhGUSPXOyMgS7aW1sgu3M_NTgDqKA1xCKNIfensmScPhf9mXnTcjscaq3srQ== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 107ms
86ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXXTCrY56xs9SW_zZ3x1CJgw2Vc6J0b-rzAzmgD331_CJDdSK3J38DH_bWD5_9gJx29Hbyp3at3e-lhGUSPXOyMgS7aW1sgu3M_NTgDqKA1xCKNIfensmScPhf9mXnTcjscaq3srQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgwMjE0NTcxLDgzNjAwMDAwMF0sIjk0Qjc0MUI2LUE3QjUtNDE3My1CRTg4LUQ2QTVFN0RCQTg4MCIsbnVsbCxudWxsLFtudWxsLFs3LDEwXV0sImh0dHBzOi8vd3d3LmJsYWNraGF0cnVzc2lhLmNvbS80NjktdXMtcGFzc3BvcnQtcHNkLXRlbXBsYXRlLmh0bWwiLG51bGwsW1s4LCJVRVJsdFo3T2Z5MCJdLFs5LCJkZSJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57a5536480cd86cb4e1c70b1c3b553cafb2c055b4eb82be01335db0151b5ac81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fhOZrSbGTkCwkJX9reTiDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-fhOZrSbGTkCwkJX9reTiDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 0B9B 573 B
628 B 19ms
7ms Image
image/png 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/oo7wYxNobA4.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/oo7wYxNobA4.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: a6PSpntLYbHr34htD2Npu6UesJUsaL8JEsIZDHbIXTfD1zIQQhGklkny1lpaHwvvNy/niG4jH06GX4/IF0jxYw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1,i
expires: Fri, 29 Mar 2024 03:00:02 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 5BE1 573 B
625 B 8ms
7ms Image
image/png 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/oo7wYxNobA4.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/oo7wYxNobA4.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: a6PSpntLYbHr34htD2Npu6UesJUsaL8JEsIZDHbIXTfD1zIQQhGklkny1lpaHwvvNy/niG4jH06GX4/IF0jxYw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Mar 2024 03:00:02 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
228 B 427ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!2jl8c6alqn&lm=0&ts=1680214572048&dn=TC&iso=0&us_privacy=1---&pu=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&ct=USA%20passport%20PSD%20Template&t=USA%20passport%20PSD%20Template%20%C2%BB%20learn%20all%20kind%20of%20hacking&chmob=0
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 30 Mar 2023 22:16:12 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 dd9f860f4cef23b7700d578f01fdd738.js Show response
www.gstatic.com/mysidia/ Frame 797E 10 KB
5 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dd9f860f4cef23b7700d578f01fdd738.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=450&slotname=6386959814&adk=2385054151&adf=3126712698&pi=t.ma~as.6386959814&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1680214571&rafmt=9&format=750x450&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=3&bdt=768&idt=147&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CgfllgHtHg&p=https%3A//www.blackhatrussia.com&dtd=538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02a5ba607169327f9866fc6a13ab05ad89a2585c40b454c9fac1c7b21bb7216b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 22:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4444
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 17:51:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 22:58:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 797E 2 KB
818 B 149ms
45ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H2 200 c91bfd4c1c6b69cdfb1d962b816f1542.js Show response
www.gstatic.com/mysidia/ Frame 797E 23 KB
10 KB 131ms
41ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c91bfd4c1c6b69cdfb1d962b816f1542.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f0a3e14fabf5c4e20367b1b49c8b6731ef4ef2b887c26a6d966f06c3f583e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9879
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 20:56:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 00:12:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame 797E 22 KB
9 KB 138ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 797E 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 797E 20 KB
8 KB 146ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 797E 158 KB
49 KB 50ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 22:16:12 GMT

GET
H3 200 BW7a5tS7MH9.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame 5BE1 10 KB
3 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/BW7a5tS7MH9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4e8897f617acf8c561309a5d51674bc1cbef024b66acf21ceb35ddf76a0c16b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 35ezpiND1KsgnE8MWEcrlA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3500
x-fb-rlafr: 0
x-fb-debug: jT5LkrKHXKPAgW8/JAQx/FiFLz8Q6LQn4QR2FSrYTFyRjmDlF2CKxyC5G93eUHHrfyCt7Iap3VNLUTTsNSEKYw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 18:25:16 GMT

GET
H3 200 BW7a5tS7MH9.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame 0B9B 10 KB
3 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/BW7a5tS7MH9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4e8897f617acf8c561309a5d51674bc1cbef024b66acf21ceb35ddf76a0c16b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 35ezpiND1KsgnE8MWEcrlA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3500
x-fb-rlafr: 0
x-fb-debug: jT5LkrKHXKPAgW8/JAQx/FiFLz8Q6LQn4QR2FSrYTFyRjmDlF2CKxyC5G93eUHHrfyCt7Iap3VNLUTTsNSEKYw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 18:25:16 GMT

GET
H2 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 5BE1 170 KB
44 KB 245ms
242ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Atrue%2C%22referer_uri%22%3A%22https%3A%2F%2Fwww.blackhatrussia.com%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0ny0RE2Jw8W1uwc-0pa0h-0Lo6-0iq&__csr=&__req=1&__hs=19446.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007215734&__s=%3A%3Acsorr6&__hsi=7216466634104941325&__comet_req=0&locale=en_GB&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3023eb4e52a557f35ebb06278848c69e3090647ceece87bba71a60598b2e7447

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: 3Pc5eOLPKcjmA8NtUUj9FT
Referer: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
X-ASBD-ID: 198387
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 30 Mar 2023 22:16:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: XGCctV2w7cFbpoO+fYK4eNVuMbAe6s5jou+OlLa+/8Gpv+J0zlqulG7WIvfGX7VxwAraWpaDIt62SsNS+GwsVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 5BE1 1 KB
1 KB 77ms
76ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

231d923cc3073c56e9be9462586d51753f1f8ab3c45a6988105856f3f19ca84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: 3Pc5eOLPKcjmA8NtUUj9FT
Referer: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
X-ASBD-ID: 198387
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 30 Mar 2023 22:16:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: oFGOJh9/JY2k7twj1EXWADel/KHS9lek0S3sS4dhumW3ZAeeQWMlsYrVe+TKcMme5DBbfxqbqwyO3dLcHm1UPw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 watermark.png
livetrafficfeed.com/images/ 3 KB
3 KB 179ms
167ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://livetrafficfeed.com/images/watermark.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: c88417d536eab670b2771f604d69cc2ec6136abf5109c78e7c9fd6b0d0282220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 23 May 2019 16:59:56 GMT
server: Nginx
etag: "5ce6d18c-aa0"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 2720
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 overlay2.png
livetrafficfeed.com/images/ 980 B
1 KB 179ms
168ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://livetrafficfeed.com/images/overlay2.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: 3f1cdebfe02e8e40b8f88d9166bcf096678cf8f907fa736b13e99412479af55c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Sat, 09 Dec 2017 14:18:30 GMT
server: Nginx
etag: "5a2bf0b6-3d4"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 980
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 chrome.png
cdn.livetrafficfeed.com/images/browser/11/ 486 B
725 B 179ms
168ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/browser/11/chrome.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: b6f8fb0877ebbac082cbc81e6c207ba3806916c32cddcf65442f53c9e926bce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 30 Mar 2023 22:09:05 GMT
server: Nginx
etag: "64260881-1e6"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 486
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 windows.png
cdn.livetrafficfeed.com/images/os/11/ 312 B
552 B 180ms
169ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/os/11/windows.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: bb69356308245cad3eb7984d79c0b6c324bfac7ebc4d7ff9e6df994e53dfaed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 30 Mar 2023 22:09:03 GMT
server: Nginx
etag: "6426087f-138"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 312
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 de.png
cdn.livetrafficfeed.com/images/flags/16/ 122 B
361 B 180ms
169ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/de.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: 9505d22a9881bd550fee754d461e808a76c98abaf98793ba474b9d787138fdb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 30 Mar 2023 22:09:03 GMT
server: Nginx
etag: "6426087f-7a"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 122
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 ro.png
cdn.livetrafficfeed.com/images/flags/16/ 127 B
366 B 179ms
170ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/ro.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: ed7f6870e2cebf184837dd93287e5da59fae094cb79d49931f565aede1a4f39f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 30 Mar 2023 22:09:04 GMT
server: Nginx
etag: "64260880-7f"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 127
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 be.png
cdn.livetrafficfeed.com/images/flags/16/ 126 B
365 B 180ms
171ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/be.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: 0ea464d7c8116b89645977e593a2b72bec92790439ab3fbbbe1477d0d073f7ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 30 Mar 2023 22:09:03 GMT
server: Nginx
etag: "6426087f-7e"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 126
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 se.png
cdn.livetrafficfeed.com/images/flags/16/ 236 B
475 B 180ms
171ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/se.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: 791c219369bb41464d5bb8fc981d358c0263544c15ae66e35206267aec43bede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 30 Mar 2023 22:09:04 GMT
server: Nginx
etag: "64260880-ec"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 236
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 samsung-browser.png
cdn.livetrafficfeed.com/images/browser/11/ 388 B
628 B 180ms
172ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/browser/11/samsung-browser.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: 171967fb384b673413e6425ecce333b8156a238760dbb6986d958ff502a6f915

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 30 Mar 2023 22:09:08 GMT
server: Nginx
etag: "64260884-184"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 388
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 android.png
cdn.livetrafficfeed.com/images/os/11/ 406 B
646 B 180ms
172ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/os/11/android.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: d0c88b84ad7a28bb57338a0939b0728c20e37accb35ffc15be947dcef614ecfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 30 Mar 2023 22:09:03 GMT
server: Nginx
etag: "6426087f-196"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 406
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 ca.png
cdn.livetrafficfeed.com/images/flags/16/ 343 B
583 B 180ms
173ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/ca.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: bd8c67464afae3ae168963c8233096c0af297b528ba80ceffee7c72546c8e290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 30 Mar 2023 22:09:03 GMT
server: Nginx
etag: "6426087f-157"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 343
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 vn.png
cdn.livetrafficfeed.com/images/flags/16/ 262 B
501 B 180ms
173ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/vn.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: c32ffa2b943af90e3fe0028de115848152e8440db0ab5bd8a9b20494d9b34aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 30 Mar 2023 22:09:04 GMT
server: Nginx
etag: "64260880-106"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 262
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 opera.png
cdn.livetrafficfeed.com/images/browser/11/ 455 B
694 B 342ms
335ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/browser/11/opera.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: bb0b0ece3e619719589ee1730b31da0b10df5977dc290570e1dab5634ebd3bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 30 Mar 2023 22:09:07 GMT
server: Nginx
etag: "64260883-1c7"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 455
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 dz.png
cdn.livetrafficfeed.com/images/flags/16/ 309 B
549 B 342ms
336ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/dz.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: e4a70cf1134dac71045e302999a2849f2824e29bc3a722592b4f0b55e1b0e4a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 30 Mar 2023 22:09:03 GMT
server: Nginx
etag: "6426087f-135"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 309
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H2 200 chrome-mobile.png
cdn.livetrafficfeed.com/images/browser/11/ 486 B
725 B 341ms
337ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/browser/11/chrome-mobile.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx / VPSSIM
Resource Hash: b6f8fb0877ebbac082cbc81e6c207ba3806916c32cddcf65442f53c9e926bce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
last-modified: Thu, 30 Mar 2023 22:09:05 GMT
server: Nginx
etag: "64260881-1e6"
x-powered-by: VPSSIM
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 486
expires: Sat, 29 Apr 2023 22:16:12 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 5BE1 1 KB
1 KB 11ms
10ms Image
image/png 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/oo7wYxNobA4.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/oo7wYxNobA4.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: lggqd1cRi8THp/fV+O9aGP1XZhOfrixZD/G3bqB5Kxs4WWFaUfVC/FAW17IwIKqLI+nl7wurLMpq+i/LCke0dw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Mar 2024 03:02:02 GMT

GET
H3 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 0B9B 169 KB
44 KB 245ms
244ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007%22%2C%22width%22%3A263%2C%22height%22%3A500%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Atrue%2C%22referer_uri%22%3A%22https%3A%2F%2Fwww.blackhatrussia.com%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0ny0RE2Jw8W1uwc-0pa0h-0Lo6-0iq&__csr=&__req=1&__hs=19446.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007215734&__s=%3A%3Aclzsns&__hsi=7216466634430182419&__comet_req=0&locale=en_GB&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61d4c224645b84fb7edeb5a741efd26cd0bc1a4443f76f7665b4ba9e5f152dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: q0zXGOEpFSBsGgLSSkj7n5
Referer: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32983bf0449e44%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
X-ASBD-ID: 198387
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 30 Mar 2023 22:16:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 1KTeG60ShfCJvC7RguBTAGBpsobJaYjYXWNmlC3neh3/eb2v75YVZCL/2jLrVDJ/QJuMT14ieUJ+ob9t0UDh5A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 0B9B 1 KB
735 B 42ms
42ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

046b2590a523494d1f7869c5f4a92c3b552f0b78c9b788922c406bb69b857fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: q0zXGOEpFSBsGgLSSkj7n5
Referer: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32983bf0449e44%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
X-ASBD-ID: 198387
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 30 Mar 2023 22:16:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: tBq2b5f7tU4OtEJsj2Lai27xZDK6qRRk/x1p3g47DNTL8Zx+oKk2L6W4Sst5eZSdR5Zsd36ToQn6ZPzkvmahiQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
327 B 421ms
107ms Script
application/javascript 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!2jl8c6alqn&dn=TC&cc=1&chmob=0&r=&us_privacy=1---&pu=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Thu, 30 Mar 2023 22:16:12 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 4
expires: Fri, 31 Mar 2023 22:16:12 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 0B9B 1 KB
1 KB 7ms
7ms Image
image/png 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/oo7wYxNobA4.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/oo7wYxNobA4.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: lggqd1cRi8THp/fV+O9aGP1XZhOfrixZD/G3bqB5Kxs4WWFaUfVC/FAW17IwIKqLI+nl7wurLMpq+i/LCke0dw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Mar 2024 03:02:02 GMT

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 5BE1 198 B
251 B 8ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: 7K88dPy3jcVghmBhFJ+kZ17qvAnarsJLvAx4jLz1w4K8277bMa+JoA18DpXCrT1uOJOUCpM/hhWselBuyO2rdg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 05:05:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame ADFA 6 KB
768 B 48ms
46ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 22:11:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 22:16:12 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame ADFA 2 KB
799 B 53ms
50ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame ADFA 22 KB
9 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame ADFA 3 KB
1 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame ADFA 20 KB
8 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADFA 158 KB
48 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 22:16:12 GMT

GET
H2 200 572670f91facfac87fddb213925da9fc.js Show response
www.gstatic.com/mysidia/ Frame ADFA 34 KB
14 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/572670f91facfac87fddb213925da9fc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af8cd1cb4e1060d144a844f6d0b12b0887c5ebb2e521c9f2aaa7fefc7254d8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 20:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14438
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 20:56:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 20:50:46 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/ 150 KB
51 KB 158ms
157ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc5c57482edb138cccdf20e5bf6e11fb109fd17159281b3522d27b854e781ad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52140
x-xss-protection: 0
server: cafe
etag: 8740830439723823115
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 22:16:12 GMT

POST
H2 200 controller.php Show response
www.blackhatrussia.com/engine/ajax/ 2 B
81 B 165ms
164ms XHR
text/html 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/engine/ajax/controller.php?mod=adminfunction
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/engine/classes/js/jquery.js?v=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: gzip
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/159610277293234404/ Frame 797E 100 KB
100 KB 37ms
36ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/159610277293234404/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bf78aa885cab99a8c93c29bd4ef075bfbbeaf01650ca521f219e7f99c0b013c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 08:52:07 GMT
x-content-type-options: nosniff
age: 134645
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102471
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 10:08:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Mar 2024 08:52:07 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 797E 142 KB
142 KB 523ms
522ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=450&slotname=6386959814&adk=2385054151&adf=3126712698&pi=t.ma~as.6386959814&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1680214571&rafmt=9&format=750x450&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=3&bdt=768&idt=147&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CgfllgHtHg&p=https%3A//www.blackhatrussia.com&dtd=538
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30749
x-xss-protection: 0
expires: Thu, 30 Mar 2023 22:16:12 GMT

GET
H2 200 dd9f860f4cef23b7700d578f01fdd738.js Show response
www.gstatic.com/mysidia/ Frame B573 10 KB
4 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dd9f860f4cef23b7700d578f01fdd738.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02a5ba607169327f9866fc6a13ab05ad89a2585c40b454c9fac1c7b21bb7216b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 22:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4444
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 17:51:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 22:58:56 GMT

GET
H2 200 42196e044d318fce4dd2b9ee7e6b9d71.js Show response
www.gstatic.com/mysidia/ Frame B573 137 KB
51 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42196e044d318fce4dd2b9ee7e6b9d71.js?tag=video_mra/web_raspberry_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99822992382dc6b866383c384e2b4a3ce96d5d661b37db03e2df2aeced241422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 00:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51692
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 17:51:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 00:19:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B573 8 KB
895 B 51ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 22:11:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 22:16:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame B573 2 KB
765 B 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame B573 22 KB
9 KB 68ms
65ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame B573 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame B573 20 KB
8 KB 74ms
70ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B573 158 KB
48 KB 86ms
83ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 22:16:12 GMT

GET
H3 200 572670f91facfac87fddb213925da9fc.js Show response
www.gstatic.com/mysidia/ Frame B573 34 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/572670f91facfac87fddb213925da9fc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af8cd1cb4e1060d144a844f6d0b12b0887c5ebb2e521c9f2aaa7fefc7254d8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 20:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14438
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 20:56:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 20:50:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ADFA 0
0 91ms
90ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5dneKwomZNrlKbiK7AOG5J6YD7zT3Ldvibm_x70RiJzMtt4JEAEgnZWfJmCV4pCCoAegAcX2pp0DyAEJqQKdimvoZUiyPqgDAcgDywSqBKQCT9BsMjX7Ukc4G52OIWoAXDpsvX105XFoz6pVXItEmuZzz0blF9KLegDjMIDvDLSu_4h1_vxYrOV0p06_V0mZJ33Le2gaL1lEzzq3bwn_cs485L0Vt3OQuZ19ZMbyif9_VOIVQY54_1dmhQzevtthTNUf_FOaecbLzMd-quYWFZZ8MApi8pScPKQd0_Il5qZI6Z4cn1XfYIgsY5GYot6VX6HJYTFydVodwJAS8sTIsE9wlCbAkzrDEchy30iDiYPT4IYmQv-AVVFYrpmWosNmzY-uGGd4OjNhgkQTmPEnPAVGF4G1bx1cikHbbnsJ3c3YrKkA60_r2eCx1OhogrGljMUwKpNZ1E3c1ueQ_8F3LUAF1RGy5HH3R0Mn0d2R4ACs9286U8AEsoua6KgEoAYugAejidliqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQ9JHIAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTA4gUDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zOTI2OTQyMzc4NTI2Njk5GAA&sigh=DTzOyzCHWeY&uach_m=[UACH]&cid=CAQSGwDUE5ymOL7L6q4ThZPCf-lObx-4abx-776YihgB&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Mar 2023 22:16:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Mar 2023 22:16:12 GMT

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 0B9B 198 B
251 B 7ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: 7K88dPy3jcVghmBhFJ+kZ17qvAnarsJLvAx4jLz1w4K8277bMa+JoA18DpXCrT1uOJOUCpM/hhWselBuyO2rdg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 05:05:36 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/159610277293234404/ Frame ADFA 17 KB
18 KB 70ms
69ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/159610277293234404/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf953efe8e0f5b3f720d2e3f738dc0c85a38016e9e090c5b7bd90a21dc494155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 08:52:07 GMT
x-content-type-options: nosniff
age: 134645
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17913
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 10:08:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Mar 2024 08:52:07 GMT

GET
H3 200 3147984097541128383
tpc.googlesyndication.com/simgad/ Frame ADFA 4 KB
4 KB 81ms
81ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3147984097541128383?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa284ca4fedda502c0e4a5792eab148f92d17396d58a5280f13c7192cab7eaae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 23:48:54 GMT
x-content-type-options: nosniff
age: 80838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3735
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 14:07:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Mar 2024 23:48:54 GMT

GET
H3 200 yqr-wjsb8TW.css
static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/ Frame 5BE1 17 KB
5 KB 50ms
10ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/yqr-wjsb8TW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

47845d8ec3e950a384c742215672d45457b690e10b9503dbfb95963683e8d885

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YGaw6NqRHRZfVCndxvIU2g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4613
x-fb-rlafr: 0
x-fb-debug: pbHilgrHoxgMKM7aJhGAFyr4Ix2pOJMoC+tcby3FBm0FUZVungeepMWRtN1vqD42EEnyMQnj+8YxK2lW86+7Kw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Fri, 29 Mar 2024 17:46:25 GMT

GET
DATA 200
OK truncated
/ Frame 5BE1 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 UislPCXOWc0.css
static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/ Frame 5BE1 19 KB
5 KB 51ms
11ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/UislPCXOWc0.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f75b6ee6e9bd2f4f0e4c5221d955dede1229eae2c137ad283fccc4918cc5bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HlDm5uW9RcrMa0LFO+oNyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4558
x-fb-rlafr: 0
x-fb-debug: 4KydTkzyrdpbnMszCYOY+D3PDgHjzat8bE0oTZt7xN1JoSx3K82t3bcVUx3/UvoYlC9yGsFKv77lkT7fp0dZPQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Mon, 25 Mar 2024 08:56:06 GMT

GET
H3 200 iJ74GuEjPmx.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ Frame 5BE1 39 KB
8 KB 51ms
12ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/iJ74GuEjPmx.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ad14eeb748eee6a429d326f2232cac4917e4a1d798126911407094f13ca0bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yyTfWzZpODOQ+bPkJuxuVg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8303
x-fb-rlafr: 0
x-fb-debug: Asqlrke+DTxPWOw5r2PKaUFkxTjQiU1vtUDM/lo+c3Z6V1v4+lqL3b1A5hXQpQPed/bdJ3jKIIe4lN9veENTPw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Thu, 28 Mar 2024 22:38:56 GMT

GET
H3 200 yniYuNWWbQj.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ Frame 5BE1 19 KB
4 KB 52ms
12ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/yniYuNWWbQj.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d30f8b4e7f947843a40a38276e1755f0c4ced815871656a67dd1c59132f65604

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: f7lWmk4BcXRYpE0lASN5Jg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4391
x-fb-rlafr: 0
x-fb-debug: AvFQ/vgvSjl/YfPOcvAYDLDahF7VL8IvsmAEldwMRujmhmmxPSPvPDYWeorJj0knGKSZyvVeO6XGsFMjpIMkPg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Fri, 29 Mar 2024 17:49:18 GMT

GET
H3 200 4iWhS8Rmg05.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame 5BE1 5 KB
2 KB 55ms
15ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/4iWhS8Rmg05.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82086f0311629c7ee6a01a4be243812253468828935001a8ea2b83966c7323f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JeT+zLS1FSZKdVW6wO6SQg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: T5CIvTsLcPAZsbfh9OP9iA++45pMgZTvJKWmcfIq2kP80iqJZ0CTm+IGur8hlQQtzJDSJmHJhNXDL21OuDFt/g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 23 Mar 2024 23:45:33 GMT

GET
H3 200 ELwrIoo5T4W.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 5BE1 11 KB
4 KB 55ms
16ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/ELwrIoo5T4W.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b591e087b24a5a83fc978f66884e61fbed70f597738562cabb1075e1b0130b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1bg20nO2ExDfkSMHvbXd2A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3935
x-fb-rlafr: 0
x-fb-debug: ptLeIckqWjfcW8dU7Ya0kewYhGO4UptikyVScQAi9ae0wPcL1h9e9P1WJPx+HoAKY3C9ms3dwaO7J4q5r2cJNw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 29 Mar 2024 17:49:08 GMT

GET
H3 200 XMHgiwdrM2B.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame 5BE1 33 KB
6 KB 54ms
15ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43cef17a32d6403565654fc0972e73949f5cdb2c7e51830898b0738078f89f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: x1EIOauApyTRaW/nXejV3Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6475
x-fb-rlafr: 0
x-fb-debug: moBIFJagyD7GsbeF5lECYwZ43P9095PblLrtYK9r8b6vt9s34QcpJn5fzPmgaGtAQKp7/pr4fz8yw315J30cdQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Mon, 25 Mar 2024 16:42:05 GMT

GET
H3 200 zTAcZgbV8nB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 5BE1 61 KB
16 KB 55ms
16ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/zTAcZgbV8nB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc0d49dfd20b6ece5010cdd54bdefad3fe2df62828dc6c579cbaf5a4e63a9fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NST0JUomaRRhKDzRtqfVoQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16144
x-fb-rlafr: 0
x-fb-debug: BpW1qd3KWnUizHDuI5kkWC0Jm30F3T3+aQvTiONhPNVoxuO+cbTmf4SnWcxyh3nWKfHVOIfskFvcJNmggvtDRA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 21 Mar 2024 17:04:16 GMT

GET
H3 200 SV0HgmB8RsT.js Show response
static.xx.fbcdn.net/rsrc.php/v3ibcU4/y4/l/en_GB/ Frame 5BE1 31 KB
9 KB 57ms
19ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ibcU4/y4/l/en_GB/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc9595ee8439c5d2990126d60c5587c1120741b96a168e278e6d47defccea5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4KqTzccePH9IygV28VQtgA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9053
x-fb-rlafr: 0
x-fb-debug: xSbWFTWu5vM4mqngI+qZw5rdZyuVYPmQQdmLSb7Gk/MBpVnv3PqAL9QP7w65KSpJJb2VUBj+Fm8lE13DZN4lWg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 20:06:07 GMT

GET
H3 200 UN3_PbR-HJ4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 5BE1 21 KB
7 KB 59ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/UN3_PbR-HJ4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e239a7ef6b367100ceb17647f6057f4b9db339e29e8e0778151df9ca5e07e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3uuABC/lnX9uyekO3Kn9bg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7104
x-fb-rlafr: 0
x-fb-debug: LQndBbEXdgYb92uvBs8ihGbbDYzP/PiWEOQVstvdLnhxGaREwSb/xPHtqqsJp2+t43oKBz3DZFvrF8tim5um2g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 27 Mar 2024 09:18:35 GMT

GET
H3 200 V8jK12UmQ6C.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 5BE1 3 KB
1 KB 60ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2030569339b862f00a936d97af228b1bc2500d7f7162abc23be7d8acc710482

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G94KxmId/Gs6bmpfm04/RQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1248
x-fb-rlafr: 0
x-fb-debug: iIKvk7C3pssbCMtp8d0LOonLn8SQDMWXqZ7Xcurv7fXjV/5CRtZ3+HTNEOv52SgrYlXKxNM9Y1sj8Bb2CCRz1Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 19:25:46 GMT

GET
H3 200 7TQpq0fzfu4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 5BE1 2 KB
837 B 65ms
27ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TLChQoDhUYzpJFadDZTs1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 782
x-fb-rlafr: 0
x-fb-debug: hGHOMSshBHypwTCYBjeOuTA7o4SSvPjg1Up5VqWIMh8MMoqH9ivC5lgruXBBN54M/CjPM5jwW+jsVGaVB+dT0w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 21 Mar 2024 20:07:25 GMT

GET
H3 200 pCP62JLHAlV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 5BE1 34 KB
9 KB 65ms
27ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/pCP62JLHAlV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d5b6dcf1c2a190f3c0e349631cbd0db2688d48c3a57abf1644ecf985ddaf925

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G58j4o2IMumKENNSiT0Ohg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9161
x-fb-rlafr: 0
x-fb-debug: DQqVAvNr8EDKDLLVi/t0P+Mj/SEGRB4u08Hufz7boGJ0k+YnGhtakOlvA5AXH6Uue7R5Z9m42sCKaoe7WGj3rA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 21 Mar 2024 18:37:09 GMT

GET
H3 200 X3lvXGmoTXJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 5BE1 285 KB
61 KB 66ms
28ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/X3lvXGmoTXJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6a1aac7f01f0a637038a98e9506c89712c23f895b369bfd928c2c5e3fbadb9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1eMdOJFYFTRNKpap1vVR9A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 62118
x-fb-rlafr: 0
x-fb-debug: kiy/fFEmU4i6DuHd0bl/lrtxyfnh6jpatIQ5q7BJgAPjdMalgjCZiGlsHArrrEOw5h07aE+lo0ICzhpNu/VKRg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 22 Mar 2024 00:07:44 GMT

GET
H3 200 lSA1bh92ImV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame 5BE1 40 KB
11 KB 69ms
32ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/lSA1bh92ImV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68053b0b29e66768a7bd8979251fd3d0428afb1afd669260682eaee463fb17d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DZy8yVYLhc4NXGuKrNEL9g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11255
x-fb-rlafr: 0
x-fb-debug: cHNW6AwAfBZdIUtbfp/g6aua8xj9wjZ39r7pHmHS9O7QwJQJwXFKuDxBgFsrq7l8jIx1BR8BAedCNrRpR4dmPA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 18:49:05 GMT

GET
H3 200 dKGK0McILid.js Show response
static.xx.fbcdn.net/rsrc.php/v3i30-4/yR/l/en_GB/ Frame 5BE1 408 KB
96 KB 72ms
35ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i30-4/yR/l/en_GB/dKGK0McILid.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20b9f77fb50c9a36b849adb3ff16036ae5cf0dc972ed7861a122de20d8b08487

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FIDgkDHR2kp2eF9oVexZ8A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 98247
x-fb-rlafr: 0
x-fb-debug: zNChwi0i81PKmNgtw+Mn6xwa09Vtjo2/Yy70zZT36SS0dtEkODU2/wWtWs5P4H8dwYYp/g7gBi9ADY4LBfJfVQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Mon, 25 Mar 2024 08:56:07 GMT

GET
H3 200 Una1ssYdRqv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame 5BE1 34 KB
10 KB 76ms
39ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/Una1ssYdRqv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9bd5a2d950b6ef695d60ba988621416a6f78315ed3d7988ded857ed6cc80042

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XfNQ0QzNbBnTdKXne7bOiQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10197
x-fb-rlafr: 0
x-fb-debug: eluUPIobyJJqqGF06uoWfZb5hwdr+JSxSfAP2QTh999a4AdZl3nTCdUDF5AJQDkYmiGIInxjptwEuY2tbpN1gg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 23 Mar 2024 16:28:03 GMT

GET
H3 200 BqEjD1dj1pL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 5BE1 840 B
414 B 78ms
41ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uknKQ5sJ+8vBWLiIBWWBIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 356
x-fb-rlafr: 0
x-fb-debug: n3g8fES0w/XTsdgiQjwN6B6M4O4QecZJIIvnr1ITCBjb6xqJL7HiECIwzE7HqzCTjUreP0Zf8ljC87cR4KzUwQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 17:57:45 GMT

GET
H3 200 dswQVshrjuE.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame 5BE1 343 KB
75 KB 78ms
42ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/dswQVshrjuE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf658e5812fe693304264a1b126dc3e36f9ee7f849afbf560508074166c4c5d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5HlEAsuzMIHfgLYDxtxKvg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76386
x-fb-rlafr: 0
x-fb-debug: 9wEjtzKx/FwHxZfPd/gM54sSQUmVIqg3D07+C/0kIWVEMWAfbDNVHcXFovXKT3l3/gCHXvIeH2vvKLZG4P0Wjg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 27 Mar 2024 21:28:09 GMT

GET
H3 200 mXciX7j8BCz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yg/r/ Frame 5BE1 23 KB
6 KB 81ms
44ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/r/mXciX7j8BCz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6a084b954ef9cf21c9b84782a410fab051ab77ae2a4aff15c24c626c30df332

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nTkdL1vur9qJzFQ6yl0svg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5940
x-fb-rlafr: 0
x-fb-debug: t2WeluDCWkNEzSelh9QGqGKQpCkkVVQT7tPCLs3b8/Vhi9CLIvDXvfTlbJZNo2dG8426pMpmPe0uYzutozJLOw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 21 Mar 2024 18:08:37 GMT

GET
H3 200 UINyxpEgUZj.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ Frame 5BE1 86 KB
21 KB 83ms
47ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/UINyxpEgUZj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b03e45069c012ecd7bdb86a28a2a669e1edc57b3f6d5b35b26f4b53874722212

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WPhR2mgjHvAMDWfil70eig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21871
x-fb-rlafr: 0
x-fb-debug: iS+kZrz4FgNH/YCua1vWzq/AqAtSA7u3SPCc3E4ynCqRsXsUyCeyYTeBNWRRryaL+i4VQg3TxJMqv4CFXG56DQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 29 Mar 2024 09:32:33 GMT

GET
H3 200 Bdp2z_N_cOM.js Show response
static.xx.fbcdn.net/rsrc.php/v3iy3R4/yX/l/en_GB/ Frame 5BE1 192 KB
43 KB 84ms
48ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iy3R4/yX/l/en_GB/Bdp2z_N_cOM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49b25582e5fa4c30366f1db0fce08839201659a3e586928f3d063b356a5e2430

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: AxSWde+aqGfnGwikIDNkwA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 43481
x-fb-rlafr: 0
x-fb-debug: lQ+JThqkcsQbLKcc5E4C3a6+DhLfcGJO2rkzm2Vcxef3cMo8wzzcIVPHiiKf+31emr+r+ISQ8e51Y960rHkVjA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 18:41:07 GMT

GET
H3 200 1_Vl38oy0lQ.js
static.xx.fbcdn.net/rsrc.php/v3impS4/yA/l/en_GB/ Frame 5BE1 327 KB
0 88ms
51ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3impS4/yA/l/en_GB/1_Vl38oy0lQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: PLwFzLy5A7zWIWnHgsJZKg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78442
x-fb-rlafr: 0
x-fb-debug: kZtTmolPVeegl7XSPfdn9gdTNe/q029elEVAQNPcGugxNx12XnhutbNURkkQb8eI2/+jX4Sxo9zveUv3SHIBnA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 17:42:19 GMT

GET
H3 200 h8ulkmpky8f.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 5BE1 55 KB
15 KB 91ms
55ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lbhbphR1BNPxW6RqDJiiow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15174
x-fb-rlafr: 0
x-fb-debug: X56qIP5BZ2FgT9u13CLa3zq5z7+L8Nv2n+RM9+SLehGK0UF6JGqtpoBPO2vMKvhINy5g79YgUznv76gDhW136w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 21 Mar 2024 16:39:11 GMT

GET
H3 200 X8K3hliZWbP.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 5BE1 295 KB
58 KB 94ms
58ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/X8K3hliZWbP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b99ce8dd7b740ffdb1135a978cbc4cbc6bac722b026bc4b40d9b9785b7acc64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4zhV5V6VClMgRvBX484HcA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 59153
x-fb-rlafr: 0
x-fb-debug: S975UnpdQOhFfuqs3jJZH83U08zI40pt7X5HOwBWXa545z7sb+aDuJFU4a/Zj/zqzRHgycDUeYkCYuaXE/ibyg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 23 Mar 2024 02:06:05 GMT

GET
H3 200 lfnMUR-hUjF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 5BE1 4 KB
1 KB 99ms
63ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/lfnMUR-hUjF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

997f7818761aaa374ed1cf860ea3878be6cbe7c4c1be2855e99f44ce0db401b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pPQstEZKAK9n5HrMGGw6fw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1076
x-fb-rlafr: 0
x-fb-debug: HQIXkMzZC5rWxQB5WbmFUDwMTPFxnSoTpoQhTsCgpHephuOdPscnHtr9v30VpiL1iUgogj9phJtnMpkQqeHPSg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 20 Mar 2024 17:13:25 GMT

GET
H3 200 ie38mp0O07P.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 5BE1 25 KB
10 KB 100ms
64ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CEYVgZg04j7erS0ub7sNsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10390
x-fb-rlafr: 0
x-fb-debug: 9jTWWusJVrjbOczt4JpU6aCUKh83tmytFvP/xGauhGwC6aD3NV6ald35tQMetNJrw5Jt1KxHJ/6fVDh0FbOB0w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 16 Mar 2024 14:32:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 797E 0
0 117ms
84ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYb8EKwomZNPzKJmS7AOnt4z4DbzT3Ldvibm_x70RiJzMtt4JEAEgnZWfJmCV4pCCoAegAcX2pp0DyAEGqQKdimvoZUiyPqgDAcgDAqoEpAJP0DOCb7-st2M6RnhIj8qagbavr3uIsVw8AqjXmYBewyKE1og4nwQGPOh3ICga2jb8J7wWzE_FwxlCflcEsRqI6qgDkJ8lsVOO7H8maeviQQX6rnOroNR9rrkHaidpfmWKsZzG1vctUUh9LzN05YnVMiFvHUmSOui172hySa3rx_DKNyIutCAeUpy5_32slACnAxgF2st_uIjxER6BuM2fY7rxax74r0oTvFBHF3mcJ5oHAehPkPR6FERWjiJPiHm8EAVMFoc5eB8odBYRzLxDUpswZMxsbqtoDaX03WK26a4DdMsk4r7w3sz6VLFPBIbTGJYZ2y6vjc_VjW1YNZFLnZLbJGtfdq4tEUA7eQy5L_sAVK2etadmBJzUVheiOS7tOXeCwASyi5roqASgBjeAB6OJ2WKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCN9hfSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTA4gUDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zOTI2OTQyMzc4NTI2Njk5GAA&sigh=4mKT7Dr1ivU&uach_m=[UACH]&cid=CAQSGwDUE5ymKV6G9dRVwXBgk8-4SyOh8Ub1LWH4TxgB&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=450&slotname=6386959814&adk=2385054151&adf=3126712698&pi=t.ma~as.6386959814&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1680214571&rafmt=9&format=750x450&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=3&bdt=768&idt=147&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CgfllgHtHg&p=https%3A//www.blackhatrussia.com&dtd=538
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Mar 2023 22:16:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Mar 2023 22:16:12 GMT

GET
DATA 200
OK truncated
/ Frame 797E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4393dc4b08c9b2d3cc5d7886d9b3bc509fca66d885a9b77aa5203f5294d3ac08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 yqr-wjsb8TW.css
static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/ Frame 0B9B 17 KB
5 KB 11ms
10ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/yqr-wjsb8TW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

47845d8ec3e950a384c742215672d45457b690e10b9503dbfb95963683e8d885

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YGaw6NqRHRZfVCndxvIU2g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4613
x-fb-rlafr: 0
x-fb-debug: pbHilgrHoxgMKM7aJhGAFyr4Ix2pOJMoC+tcby3FBm0FUZVungeepMWRtN1vqD42EEnyMQnj+8YxK2lW86+7Kw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Fri, 29 Mar 2024 17:46:25 GMT

GET
DATA 200
OK truncated
/ Frame 0B9B 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 UislPCXOWc0.css
static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/ Frame 0B9B 19 KB
5 KB 16ms
9ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/UislPCXOWc0.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f75b6ee6e9bd2f4f0e4c5221d955dede1229eae2c137ad283fccc4918cc5bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HlDm5uW9RcrMa0LFO+oNyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4558
x-fb-rlafr: 0
x-fb-debug: 4KydTkzyrdpbnMszCYOY+D3PDgHjzat8bE0oTZt7xN1JoSx3K82t3bcVUx3/UvoYlC9yGsFKv77lkT7fp0dZPQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Mon, 25 Mar 2024 08:56:06 GMT

GET
H3 200 iJ74GuEjPmx.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ Frame 0B9B 39 KB
8 KB 18ms
11ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/iJ74GuEjPmx.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ad14eeb748eee6a429d326f2232cac4917e4a1d798126911407094f13ca0bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yyTfWzZpODOQ+bPkJuxuVg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8303
x-fb-rlafr: 0
x-fb-debug: Asqlrke+DTxPWOw5r2PKaUFkxTjQiU1vtUDM/lo+c3Z6V1v4+lqL3b1A5hXQpQPed/bdJ3jKIIe4lN9veENTPw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Thu, 28 Mar 2024 22:38:56 GMT

GET
H3 200 yniYuNWWbQj.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ Frame 0B9B 19 KB
4 KB 51ms
45ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/yniYuNWWbQj.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d30f8b4e7f947843a40a38276e1755f0c4ced815871656a67dd1c59132f65604

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: f7lWmk4BcXRYpE0lASN5Jg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4391
x-fb-rlafr: 0
x-fb-debug: AvFQ/vgvSjl/YfPOcvAYDLDahF7VL8IvsmAEldwMRujmhmmxPSPvPDYWeorJj0knGKSZyvVeO6XGsFMjpIMkPg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Fri, 29 Mar 2024 17:49:18 GMT

GET
H3 200 4iWhS8Rmg05.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame 0B9B 5 KB
2 KB 54ms
47ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/4iWhS8Rmg05.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82086f0311629c7ee6a01a4be243812253468828935001a8ea2b83966c7323f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JeT+zLS1FSZKdVW6wO6SQg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: T5CIvTsLcPAZsbfh9OP9iA++45pMgZTvJKWmcfIq2kP80iqJZ0CTm+IGur8hlQQtzJDSJmHJhNXDL21OuDFt/g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 23 Mar 2024 23:45:33 GMT

GET
H3 200 ELwrIoo5T4W.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 0B9B 11 KB
4 KB 60ms
53ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/ELwrIoo5T4W.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b591e087b24a5a83fc978f66884e61fbed70f597738562cabb1075e1b0130b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1bg20nO2ExDfkSMHvbXd2A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3935
x-fb-rlafr: 0
x-fb-debug: ptLeIckqWjfcW8dU7Ya0kewYhGO4UptikyVScQAi9ae0wPcL1h9e9P1WJPx+HoAKY3C9ms3dwaO7J4q5r2cJNw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 29 Mar 2024 17:49:08 GMT

GET
H3 200 XMHgiwdrM2B.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame 0B9B 33 KB
6 KB 56ms
50ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43cef17a32d6403565654fc0972e73949f5cdb2c7e51830898b0738078f89f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: x1EIOauApyTRaW/nXejV3Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6475
x-fb-rlafr: 0
x-fb-debug: moBIFJagyD7GsbeF5lECYwZ43P9095PblLrtYK9r8b6vt9s34QcpJn5fzPmgaGtAQKp7/pr4fz8yw315J30cdQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Mon, 25 Mar 2024 16:42:05 GMT

GET
H3 200 zTAcZgbV8nB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 0B9B 61 KB
16 KB 62ms
55ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/zTAcZgbV8nB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc0d49dfd20b6ece5010cdd54bdefad3fe2df62828dc6c579cbaf5a4e63a9fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NST0JUomaRRhKDzRtqfVoQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16144
x-fb-rlafr: 0
x-fb-debug: BpW1qd3KWnUizHDuI5kkWC0Jm30F3T3+aQvTiONhPNVoxuO+cbTmf4SnWcxyh3nWKfHVOIfskFvcJNmggvtDRA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 21 Mar 2024 17:04:16 GMT

GET
H3 200 SV0HgmB8RsT.js Show response
static.xx.fbcdn.net/rsrc.php/v3ibcU4/y4/l/en_GB/ Frame 0B9B 31 KB
9 KB 64ms
58ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ibcU4/y4/l/en_GB/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc9595ee8439c5d2990126d60c5587c1120741b96a168e278e6d47defccea5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4KqTzccePH9IygV28VQtgA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9053
x-fb-rlafr: 0
x-fb-debug: xSbWFTWu5vM4mqngI+qZw5rdZyuVYPmQQdmLSb7Gk/MBpVnv3PqAL9QP7w65KSpJJb2VUBj+Fm8lE13DZN4lWg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 20:06:07 GMT

GET
H3 200 UN3_PbR-HJ4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 0B9B 21 KB
7 KB 62ms
56ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/UN3_PbR-HJ4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e239a7ef6b367100ceb17647f6057f4b9db339e29e8e0778151df9ca5e07e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3uuABC/lnX9uyekO3Kn9bg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7104
x-fb-rlafr: 0
x-fb-debug: LQndBbEXdgYb92uvBs8ihGbbDYzP/PiWEOQVstvdLnhxGaREwSb/xPHtqqsJp2+t43oKBz3DZFvrF8tim5um2g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 27 Mar 2024 09:18:35 GMT

GET
H3 200 V8jK12UmQ6C.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 0B9B 3 KB
1 KB 70ms
64ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2030569339b862f00a936d97af228b1bc2500d7f7162abc23be7d8acc710482

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G94KxmId/Gs6bmpfm04/RQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1248
x-fb-rlafr: 0
x-fb-debug: iIKvk7C3pssbCMtp8d0LOonLn8SQDMWXqZ7Xcurv7fXjV/5CRtZ3+HTNEOv52SgrYlXKxNM9Y1sj8Bb2CCRz1Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 19:25:46 GMT

GET
H3 200 7TQpq0fzfu4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 0B9B 2 KB
848 B 88ms
82ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TLChQoDhUYzpJFadDZTs1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 782
x-fb-rlafr: 0
x-fb-debug: hGHOMSshBHypwTCYBjeOuTA7o4SSvPjg1Up5VqWIMh8MMoqH9ivC5lgruXBBN54M/CjPM5jwW+jsVGaVB+dT0w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 21 Mar 2024 20:07:25 GMT

GET
H3 200 pCP62JLHAlV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 0B9B 34 KB
9 KB 73ms
67ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/pCP62JLHAlV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d5b6dcf1c2a190f3c0e349631cbd0db2688d48c3a57abf1644ecf985ddaf925

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G58j4o2IMumKENNSiT0Ohg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9161
x-fb-rlafr: 0
x-fb-debug: DQqVAvNr8EDKDLLVi/t0P+Mj/SEGRB4u08Hufz7boGJ0k+YnGhtakOlvA5AXH6Uue7R5Z9m42sCKaoe7WGj3rA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 21 Mar 2024 18:37:09 GMT

GET
H3 200 X3lvXGmoTXJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 0B9B 285 KB
61 KB 79ms
73ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/X3lvXGmoTXJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6a1aac7f01f0a637038a98e9506c89712c23f895b369bfd928c2c5e3fbadb9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1eMdOJFYFTRNKpap1vVR9A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 62118
x-fb-rlafr: 0
x-fb-debug: kiy/fFEmU4i6DuHd0bl/lrtxyfnh6jpatIQ5q7BJgAPjdMalgjCZiGlsHArrrEOw5h07aE+lo0ICzhpNu/VKRg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 22 Mar 2024 00:07:44 GMT

GET
H3 200 lSA1bh92ImV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame 0B9B 40 KB
11 KB 83ms
77ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/lSA1bh92ImV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68053b0b29e66768a7bd8979251fd3d0428afb1afd669260682eaee463fb17d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DZy8yVYLhc4NXGuKrNEL9g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11255
x-fb-rlafr: 0
x-fb-debug: cHNW6AwAfBZdIUtbfp/g6aua8xj9wjZ39r7pHmHS9O7QwJQJwXFKuDxBgFsrq7l8jIx1BR8BAedCNrRpR4dmPA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 18:49:05 GMT

GET
H3 200 dKGK0McILid.js Show response
static.xx.fbcdn.net/rsrc.php/v3i30-4/yR/l/en_GB/ Frame 0B9B 408 KB
96 KB 85ms
80ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i30-4/yR/l/en_GB/dKGK0McILid.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20b9f77fb50c9a36b849adb3ff16036ae5cf0dc972ed7861a122de20d8b08487

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FIDgkDHR2kp2eF9oVexZ8A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 98247
x-fb-rlafr: 0
x-fb-debug: zNChwi0i81PKmNgtw+Mn6xwa09Vtjo2/Yy70zZT36SS0dtEkODU2/wWtWs5P4H8dwYYp/g7gBi9ADY4LBfJfVQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Mon, 25 Mar 2024 08:56:07 GMT

GET
H3 200 Una1ssYdRqv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame 0B9B 34 KB
10 KB 156ms
151ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/Una1ssYdRqv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9bd5a2d950b6ef695d60ba988621416a6f78315ed3d7988ded857ed6cc80042

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XfNQ0QzNbBnTdKXne7bOiQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10197
x-fb-rlafr: 0
x-fb-debug: eluUPIobyJJqqGF06uoWfZb5hwdr+JSxSfAP2QTh999a4AdZl3nTCdUDF5AJQDkYmiGIInxjptwEuY2tbpN1gg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 23 Mar 2024 16:28:03 GMT

GET
H3 200 BqEjD1dj1pL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 0B9B 840 B
422 B 164ms
158ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uknKQ5sJ+8vBWLiIBWWBIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 356
x-fb-rlafr: 0
x-fb-debug: n3g8fES0w/XTsdgiQjwN6B6M4O4QecZJIIvnr1ITCBjb6xqJL7HiECIwzE7HqzCTjUreP0Zf8ljC87cR4KzUwQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 17:57:45 GMT

GET
H3 200 dswQVshrjuE.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame 0B9B 343 KB
75 KB 164ms
159ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/dswQVshrjuE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf658e5812fe693304264a1b126dc3e36f9ee7f849afbf560508074166c4c5d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5HlEAsuzMIHfgLYDxtxKvg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76386
x-fb-rlafr: 0
x-fb-debug: 9wEjtzKx/FwHxZfPd/gM54sSQUmVIqg3D07+C/0kIWVEMWAfbDNVHcXFovXKT3l3/gCHXvIeH2vvKLZG4P0Wjg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 27 Mar 2024 21:28:09 GMT

GET
H3 200 mXciX7j8BCz.js
static.xx.fbcdn.net/rsrc.php/v3/yg/r/ Frame 0B9B 23 KB
0 169ms
163ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/r/mXciX7j8BCz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nTkdL1vur9qJzFQ6yl0svg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5940
x-fb-rlafr: 0
x-fb-debug: t2WeluDCWkNEzSelh9QGqGKQpCkkVVQT7tPCLs3b8/Vhi9CLIvDXvfTlbJZNo2dG8426pMpmPe0uYzutozJLOw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 21 Mar 2024 18:08:37 GMT

GET
H3 200 UINyxpEgUZj.js
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ Frame 0B9B 86 KB
0 169ms
164ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/UINyxpEgUZj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WPhR2mgjHvAMDWfil70eig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21871
x-fb-rlafr: 0
x-fb-debug: iS+kZrz4FgNH/YCua1vWzq/AqAtSA7u3SPCc3E4ynCqRsXsUyCeyYTeBNWRRryaL+i4VQg3TxJMqv4CFXG56DQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 29 Mar 2024 09:32:33 GMT

GET
H3 200 Bdp2z_N_cOM.js
static.xx.fbcdn.net/rsrc.php/v3iy3R4/yX/l/en_GB/ Frame 0B9B 192 KB
0 171ms
166ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iy3R4/yX/l/en_GB/Bdp2z_N_cOM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: AxSWde+aqGfnGwikIDNkwA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 43481
x-fb-rlafr: 0
x-fb-debug: lQ+JThqkcsQbLKcc5E4C3a6+DhLfcGJO2rkzm2Vcxef3cMo8wzzcIVPHiiKf+31emr+r+ISQ8e51Y960rHkVjA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 18:41:07 GMT

GET
H3 200 1_Vl38oy0lQ.js
static.xx.fbcdn.net/rsrc.php/v3impS4/yA/l/en_GB/ Frame 0B9B 327 KB
0 176ms
170ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3impS4/yA/l/en_GB/1_Vl38oy0lQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: PLwFzLy5A7zWIWnHgsJZKg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78442
x-fb-rlafr: 0
x-fb-debug: kZtTmolPVeegl7XSPfdn9gdTNe/q029elEVAQNPcGugxNx12XnhutbNURkkQb8eI2/+jX4Sxo9zveUv3SHIBnA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 17:42:19 GMT

GET
H3 200 h8ulkmpky8f.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 0B9B 55 KB
0 182ms
177ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lbhbphR1BNPxW6RqDJiiow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15174
x-fb-rlafr: 0
x-fb-debug: X56qIP5BZ2FgT9u13CLa3zq5z7+L8Nv2n+RM9+SLehGK0UF6JGqtpoBPO2vMKvhINy5g79YgUznv76gDhW136w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 21 Mar 2024 16:39:11 GMT

GET
H3 200 X8K3hliZWbP.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 0B9B 295 KB
0 183ms
178ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/X8K3hliZWbP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4zhV5V6VClMgRvBX484HcA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 59153
x-fb-rlafr: 0
x-fb-debug: S975UnpdQOhFfuqs3jJZH83U08zI40pt7X5HOwBWXa545z7sb+aDuJFU4a/Zj/zqzRHgycDUeYkCYuaXE/ibyg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 23 Mar 2024 02:06:05 GMT

GET
H3 200 lfnMUR-hUjF.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 0B9B 4 KB
0 245ms
240ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/lfnMUR-hUjF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pPQstEZKAK9n5HrMGGw6fw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1076
x-fb-rlafr: 0
x-fb-debug: HQIXkMzZC5rWxQB5WbmFUDwMTPFxnSoTpoQhTsCgpHephuOdPscnHtr9v30VpiL1iUgogj9phJtnMpkQqeHPSg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 20 Mar 2024 17:13:25 GMT

GET
H3 200 ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 0B9B 25 KB
0 245ms
241ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CEYVgZg04j7erS0ub7sNsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10390
x-fb-rlafr: 0
x-fb-debug: 9jTWWusJVrjbOczt4JpU6aCUKh83tmytFvP/xGauhGwC6aD3NV6ald35tQMetNJrw5Jt1KxHJ/6fVDh0FbOB0w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 16 Mar 2024 14:32:16 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 108ms
106ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!2jl8c6alqn&lm=0&ts=1680214572048&dn=TC&iso=0&us_privacy=1---&pu=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&ct=USA%20passport%20PSD%20Template&t=USA%20passport%20PSD%20Template%20%C2%BB%20learn%20all%20kind%20of%20hacking
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 30 Mar 2023 22:16:12 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 /
www.facebook.com/login/ Frame 5BE1 0
0 96ms
94ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv14.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df10d44ccda749c%2526domain%253Dwww.blackhatrussia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blackhatrussia.com%25252Ff26932b03818e74%2526relation%253Dparent.parent%26container_width%3D360%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblackhatrussiaofficial007%26locale%3Den_GB%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d44ccda749c%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Mar 2023 22:16:12 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: esZoe0UBawddHBSqjIDzco6Jz4vLLgx4p87PYAgC2HqKB0xsSMVZZZWBFnQZztB8+5BFNjc/ArrG22CMBWmNGw==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 46ms
44ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.blackhatrussia.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 47ms
45ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.blackhatrussia.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/ Frame 5D3A 10 KB
4 KB 41ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 02:52:55 GMT
etag: 2378337311435320485
expires: Thu, 13 Apr 2023 02:52:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/ Frame AF6A 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 02:52:55 GMT
etag: 2378337311435320485
expires: Thu, 13 Apr 2023 02:52:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/ Frame 3F2E 10 KB
4 KB 47ms
46ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 02:52:55 GMT
etag: 2378337311435320485
expires: Thu, 13 Apr 2023 02:52:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/ Frame 414C 10 KB
4 KB 55ms
54ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 02:52:55 GMT
etag: 2378337311435320485
expires: Thu, 13 Apr 2023 02:52:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame B573 2 KB
2 KB 53ms
52ms Image
image/png 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
server: cafe
age: 15061
etag: 9923804599063086578
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2033
x-xss-protection: 0
expires: Fri, 31 Mar 2023 18:05:11 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/841684701835869913/ Frame B573 2 KB
2 KB 53ms
52ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/841684701835869913/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1490aad284b9af37c925810fe6cad4bf2b972ffbf906462c0e391d3218bd1224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 06:58:47 GMT
x-content-type-options: nosniff
age: 314245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2231
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 11:20:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Mar 2024 06:58:47 GMT

GET
H3 200 /
www.facebook.com/login/ Frame 0B9B 0
0 85ms
82ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv14.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df32983bf0449e44%2526domain%253Dwww.blackhatrussia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blackhatrussia.com%25252Ff26932b03818e74%2526relation%253Dparent.parent%26container_width%3D263%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblackhatrussiaofficial007%26locale%3Den_GB%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/GjqmzZYOHmI.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32983bf0449e44%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff26932b03818e74%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Mar 2023 22:16:13 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: fPcMqt/X4CNR+S+VjbZy/dbGB+IvMbmhAUHl3L/aQaB+uf8Pi4+wljSeZqVZvYzKtzkf1ciejpObKjJlsnWVhw==
x-frame-options: DENY
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame B573 0
234 B 449ms
155ms Ping
image/gif 2607:f8b0:4000:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lfvodhyc&c=3653070003467&slotId=1826535001733.5&qqid=CJP2w4XXhP4CFQQUGAodJY4Ayw&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/42196e044d318fce4dd2b9ee7e6b9d71.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4000:800::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B573 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6528039975527766319/ Frame B573 56 KB
56 KB 41ms
41ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6528039975527766319/14763004658117789537

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

382a5397dd5c60820a72c016a0a5bc074482e1ba72bfa35149be6c4f6c5073c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:00:59 GMT
x-content-type-options: nosniff
age: 314114
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56876
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 15:56:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Mar 2024 07:00:59 GMT

GET
DATA 200
OK truncated
/ Frame ADFA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9a02913e28dd00a0463974773922a3fa89cbe2c0c21127b2b79e655df93b1f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
106ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!2jl8c6alqn&lm=0&ts=1680214572048&dn=TC&iso=0&us_privacy=1---&pu=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&ct=USA%20passport%20PSD%20Template
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 30 Mar 2023 22:16:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 56ms
55ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.6842384538557973

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B011H1tEL1pazPjWiTK5xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-B011H1tEL1pazPjWiTK5xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 94ms
93ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.560206896110062

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SFv6uUYd5UexMAd2f9SMog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-SFv6uUYd5UexMAd2f9SMog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr1---sn-5hneknee.googlevideo.com/ Frame B573 2 MB
2 MB 122ms
25ms Media
video/mp4 2a00:1450:400e:8::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5hneknee.googlevideo.com/videoplayback?expire=1680243372&ei=LAomZI-bFpaNv_IP1Py_0AM&ip=2a03:1b20:6:f011::7e&id=2f5b8ebab84b9fb7&itag=18&source=youtube&requiressl=yes&mh=Vl&mm=31&mn=sn-5hneknee&ms=au&mv=m&mvi=1&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=35.062&lmt=1652332624149371&mt=1680214172&txp=6218224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAKrP3BCha0SZgiSiCeOhAmDIUkCyc2mAv3yHRK6vGSMUAiBmf9TAtbR3YFq5ttVvofatWHaZHsFKvBskwChhOAnDQw==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANIZrWUqC27jlm7Dl7_6oZNU4SRsIJq3lsWEEJR4mG2_AiB2F7RlE4l_J8kMk06OiR_GkzHbOvgiId0_cw9J-A2jQQ==&cpn=e85C4M6wnmarCe8x

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:8::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

32c91f0e59e8bee6d1ceaede0be6ff4e946c3e65e3204b0c25389b58d292f6b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 30 Mar 2023 22:16:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 May 2022 05:17:04 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2134590/2134591
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2134591
Expires: Thu, 30 Mar 2023 22:16:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B573 0
0 93ms
92ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmsYHKwomZNO0KYSoYKWcgtgM4cX4zm78z57rqgunsNPEpw8QASCdlZ8mYJXikIKgB6AByLGpzQPIAQmoAwHIA8sEqgSWAk_QoI7ao8uyGtNIQWdbvGa4yCcn7j9Erc8AEjQB1ZgdsHLlREtwU1zHboo6bLCZtfPQBbCrncmA1gWFlqPjyJSbBvSSRW2QzcbZ6lBfft0KQbqNe3vDeALhoFBd75oPl5G3tAtng1iPjRe48T8n13RPv3kGJBs9Jii5APdhxIWTWPNp_bA1rhYir_U2B4E07bja2fGlNos-CDaZ9Ux9b_At-qjvh0SUt5v1HRoIvhWzIcfN7bA592munx8-VEo5R45sDoCoeZBC-IDIw5yHFqvQVW0NowTVlqwG2lUfVEcEd7p62QJ6VbmhPnamb46-elOJXK68S1VPfIRbF57NlPTIah6jx5vRR0Rn8YzTgV8f0cvv_6cjwASe3eG46gGSBQQIBBgBkgUECAUYBKAGLoAH5OriNagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFEMizrQLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgTnBvYEwyIFA3QFQGAFwGyFxwKGggAEhRwdWItMzkyNjk0MjM3ODUyNjY5ORgA&sigh=jhRX6dUyvmU&uach_m=[UACH]&cid=CAQSGwDUE5ym9mrfAU2fLebuE14IwqDd7Tx3MlLqiBgB&template_id=3484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Mar 2023 22:16:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B573 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed2170c985d7a945b0c2aea5817f56c12bfce53c05359a6e14e238d3b5ac46ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame 5D3A 4 KB
636 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 22:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 20:39:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 22:16:13 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5D3A 205 B
229 B 40ms
39ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:01:22 GMT
x-content-type-options: nosniff
age: 891
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 29 Mar 2024 22:01:22 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5D3A 604 B
628 B 40ms
39ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 15:38:44 GMT
x-content-type-options: nosniff
age: 23849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 29 Mar 2024 15:38:44 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/ Frame 5D3A 19 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:39:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:39:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AF6A 8 KB
895 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 22:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 22:11:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 22:16:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame AF6A 2 KB
765 B 57ms
57ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame AF6A 22 KB
9 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame AF6A 3 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame AF6A 20 KB
8 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF6A 158 KB
48 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 22:16:13 GMT

GET
H3 200 572670f91facfac87fddb213925da9fc.js Show response
www.gstatic.com/mysidia/ Frame AF6A 34 KB
14 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/572670f91facfac87fddb213925da9fc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af8cd1cb4e1060d144a844f6d0b12b0887c5ebb2e521c9f2aaa7fefc7254d8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 20:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14438
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 20:56:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 20:50:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3F2E 8 KB
895 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 22:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 22:09:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 22:16:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 3F2E 2 KB
765 B 43ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame 3F2E 22 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 3F2E 3 KB
1 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 3F2E 20 KB
8 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F2E 158 KB
48 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 22:16:13 GMT

GET
H3 200 572670f91facfac87fddb213925da9fc.js Show response
www.gstatic.com/mysidia/ Frame 3F2E 34 KB
14 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/572670f91facfac87fddb213925da9fc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af8cd1cb4e1060d144a844f6d0b12b0887c5ebb2e521c9f2aaa7fefc7254d8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 20:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14438
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 20:56:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 20:50:46 GMT

GET
H3 200 dd9f860f4cef23b7700d578f01fdd738.js Show response
www.gstatic.com/mysidia/ Frame 414C 10 KB
4 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dd9f860f4cef23b7700d578f01fdd738.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02a5ba607169327f9866fc6a13ab05ad89a2585c40b454c9fac1c7b21bb7216b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 22:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4444
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 17:51:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 22:58:56 GMT

GET
H3 200 0fc726fdff52ecd0d4a3fd020241fae8.js Show response
www.gstatic.com/mysidia/ Frame 414C 11 KB
5 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0fc726fdff52ecd0d4a3fd020241fae8.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0228e83af168994728fff6fc1e9c29e601e4d0b2e5cbb28b950c4b37f0d1f785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 22:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4816
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 17:51:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 22:58:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 414C 8 KB
895 B 74ms
71ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 22:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 20:50:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 22:16:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 414C 2 KB
765 B 53ms
51ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame 414C 22 KB
9 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 414C 3 KB
1 KB 76ms
60ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 414C 20 KB
8 KB 77ms
59ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 414C 158 KB
48 KB 99ms
82ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 22:16:13 GMT

GET
H3 200 572670f91facfac87fddb213925da9fc.js Show response
www.gstatic.com/mysidia/ Frame 414C 34 KB
14 KB 77ms
60ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/572670f91facfac87fddb213925da9fc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af8cd1cb4e1060d144a844f6d0b12b0887c5ebb2e521c9f2aaa7fefc7254d8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 20:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14438
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 20:56:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 20:50:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ADFA 15 KB
15 KB 87ms
44ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 49113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:37:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ADFA 15 KB
16 KB 85ms
47ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 49113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:37:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ADFA 15 KB
15 KB 97ms
67ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 49114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:37:39 GMT

POST
H3 204 AGSKWxWF-SqMW998s9v7DEIN2Gh-ogFCy9tOgzpcMe-4TySceklgvS3T_sK9KWvDGEw3N9FhJR0Blw8iHd9T5WzXb5tsZHRDtceasKVOVP-9tensD1J_spRiQhOn4XgbA5Z8dK2uXX5qjw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 72ms
63ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWF-SqMW998s9v7DEIN2Gh-ogFCy9tOgzpcMe-4TySceklgvS3T_sK9KWvDGEw3N9FhJR0Blw8iHd9T5WzXb5tsZHRDtceasKVOVP-9tensD1J_spRiQhOn4XgbA5Z8dK2uXX5qjw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KNEsXRlZMMODFe8T7rarBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Mar 2023 22:16:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-KNEsXRlZMMODFe8T7rarBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.blackhatrussia.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 130ms
104ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!2jl8c6alqn&lm=0&ts=1680214572048&dn=TC&iso=0&us_privacy=1---&pu=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&ct=USA%20passport%20PSD%20Template
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 30 Mar 2023 22:16:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B573 28 KB
28 KB 105ms
81ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:37:41 GMT
x-content-type-options: nosniff
age: 49112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:37:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 23ED 8 KB
895 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 22:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 20:38:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 22:16:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 23ED 2 KB
765 B 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame 23ED 22 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 23ED 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 23ED 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23ED 158 KB
48 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 22:16:13 GMT

GET
H3 200 572670f91facfac87fddb213925da9fc.js Show response
www.gstatic.com/mysidia/ Frame 23ED 34 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/572670f91facfac87fddb213925da9fc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af8cd1cb4e1060d144a844f6d0b12b0887c5ebb2e521c9f2aaa7fefc7254d8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 20:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14438
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 20:56:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 20:50:46 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B573 0
54 B 139ms
136ms Ping
image/gif 2607:f8b0:4000:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lfvodhz2&c=3653070003467&slotId=1826535001733.5&qqid=CJP2w4XXhP4CFQQUGAodJY4Ayw&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fdd9f860f4cef23b7700d578f01fdd738.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/42196e044d318fce4dd2b9ee7e6b9d71.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4000:800::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B573 0
54 B 153ms
151ms Ping
image/gif 2607:f8b0:4000:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lfvodifs&c=3653070003467&slotId=1826535001733.5&qqid=CJP2w4XXhP4CFQQUGAodJY4Ayw&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F42196e044d318fce4dd2b9ee7e6b9d71.js%253Ftag%253Dvideo_mra%252Fweb_raspberry_ms&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/42196e044d318fce4dd2b9ee7e6b9d71.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4000:800::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B573 0
54 B 154ms
149ms Ping
image/gif 2607:f8b0:4000:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lfvodifs&c=3653070003467&slotId=1826535001733.5&qqid=CJP2w4XXhP4CFQQUGAodJY4Ayw&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F572670f91facfac87fddb213925da9fc.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/42196e044d318fce4dd2b9ee7e6b9d71.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4000:800::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 414C 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLWdwKwomZJnlJ43cYZvJgPAKvNPct2-Jub_HvRGInMy23gkQASCdlZ8mYJXikIKgB6ABxfamnQPIAQGpAp2Ka-hlSLI-qAMByAPLBKoEpQJP0NIUjFB_c_rA9Wqh_-0aArzK7Xt20UYdwAaFhAgmDmX5gjUwx8sAzhh6yq1CPX5HV3NMSGD-lTsd-lnewYnfSeR9hjMMJFIzfj08LMxu-JME4T-kRkXIeo1P9E2J7Vb3dCcHGDRECG8mKwp41dZ3eF3_MZvD2sk0StskTCJNIkPR7kJLbaGeDO3KTmh-WZAorItmuZ8ps4R7QrIoL1JQtX9CNRfUiC22g77Foy1B7X8c0w2f3nJOogg5nmfNuHiQB4xDrGMtfH0Z2KwA6e-6Y8vKauL12mRZsvsK3qLX894jOdLjFrVVQDggXHaOzUWMtFK-hhhsnu-_TRl1yqazX-Mfp5WV9Cweng3Q6VYcuABxhGlFR88EHIvR77I1wtQMfIBmY8AEsoua6KgEgAejidliqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQz4kh0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwOIFA7QFQGYFgGAFwGyFxwKGggAEhRwdWItMzkyNjk0MjM3ODUyNjY5ORgA&sigh=uNJzJq3Dmq4&uach_m=[UACH]&cid=CAQSGwDUE5ymyEFGTMs8Nn6pdSnxyQZFXXd1VDsMIRgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Mar 2023 22:16:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2AD4 143 B
166 B 38ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 21:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame B573 42 B
64 B 77ms
77ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Csz_oKwomZNO0KYSoYKWcgtgM4cX4zm78z57rqgunsNPEpw8QASCdlZ8mYJXikIKgB6AByLGpzQPIAQmoAwHIA8sEqgSZAk_QoI7ao8uyGtNIQWdbvGa4yCcn7j9Erc8AEjQB1ZgdsHLlREtwU1zHboo6bLCZtfPQBbCrncmA1gWFlqPjyJSbBvSSRW2QzcbZ6lBfft0KQbqNe3vDeALhoFBd75oPl5G3tAtng1iPjRe48T8n13RPv3kGJBs9Jii5APdhxIWTWPNp_bA1rhYir_U2B4E07bja2fGlNos-CDaZ9Ux9b_At-qjvh0SUt5v1HRoIvhWzIcfN7bA592munx8-VEo5R45sDoCoeZBC-IDIw5yHFqvQVW0NowTVlqwG2lUfVEcEd7p62QJ6VbmhPnamb46-elPLXo4u5de5NTatSTIh22sMlxWLzrXJ_P6TvhMddXYzyWdJEe6RzXmkwASe3eG46gGgBi6AB-Tq4jWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECxCfKADKm-AGAugAoBigroAWh0dHBzOi8vZXVyb3BlLXdlc3QxLXBhZXNzLTEyMy5jbG91ZGZ1bmN0aW9ucy5uZXQvdHJhY2s_dXJsPXtscHVybH0mY3VzdG9tZXJpZD0xNTQ1OTA2MjczJmNhbXBhaWduaWQ9MTYyNDgxNTUyNiZhZGdyb3VwaWQ9NjI5MzI5MzgzOTgmdGFyZ2V0aWQ9Jm5ldHdvcms9ZCZkZXZpY2U9YyZkZXZpY2Vtb2RlbD0mbG9jX3BoeXNpY2FsX21zPTEwMDQzNjMmcGxhY2VtZW50PXd3dy5ibGFja2hhdHJ1c3NpYS5jb22YCwHICwHgCwGADAG4DAG4E5wb2BMMiBQN0BUB-BYBgBcB&sigh=ieBv5fbbbRI&cid=CAQSGwDUE5ym9mrfAU2fLebuE14IwqDd7Tx3MlLqiA&label=adresume

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E5F 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1680214571&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=42&bdt=769&idt=258&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450%2C300x600&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QV80g3wYRS&p=https%3A//www.blackhatrussia.com&dtd=559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 14:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14116
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 14:10:21 GMT

GET
H3 200 wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DF5 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 14:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14116
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 14:10:21 GMT

GET
DATA 200
OK truncated
/ Frame 414C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 232e6a543801fdd76783f05054702ade70c7ef318aa5be0d7238419f9873c4d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 107ms
107ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!2jl8c6alqn&lm=0&ts=1680214572048&dn=TC&iso=0&us_privacy=1---&pu=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/469-us-passport-psd-template.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 30 Mar 2023 22:16:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6528039975527766319/ Frame AF6A 4 KB
4 KB 39ms
39ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6528039975527766319/14763004658117789537?w=195&h=102

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

626ca6a5c8ffad1c09b52f1e27959674cbe23c9cf526e180e5115558c9b5e2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 07:05:31 GMT
x-content-type-options: nosniff
age: 141042
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3951
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 15:56:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Mar 2024 07:05:31 GMT

GET
DATA 200
OK truncated
/ Frame AF6A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AF6A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e5e995f0936d63304195ab72af99edee3c10d218a5d57719b13c94780631127

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AF6A 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4539b99daabba29a7cb9ddcb3ed09dcc61f07c222d98a2be580c0e0d875433f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6528039975527766319/ Frame 3F2E 4 KB
4 KB 38ms
38ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6528039975527766319/14763004658117789537?w=195&h=102

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

626ca6a5c8ffad1c09b52f1e27959674cbe23c9cf526e180e5115558c9b5e2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 07:05:31 GMT
x-content-type-options: nosniff
age: 141043
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3951
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 15:56:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Mar 2024 07:05:31 GMT

GET
DATA 200
OK truncated
/ Frame 3F2E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3F2E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e5e995f0936d63304195ab72af99edee3c10d218a5d57719b13c94780631127

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3F2E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1c68deb996de31b19095e0499ac66780d665d3ac3f8db8f5a9db01c7e4e9420

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame B573 42 B
64 B 77ms
76ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1680214571&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F469-us-passport-psd-template.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680214571083&bpp=20&bdt=768&idt=170&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x450&nras=1&correlator=8558046592030&frm=20&pv=1&ga_vid=368537263.1680214572&ga_sid=1680214572&ga_hid=151800785&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926&oid=2&pvsid=1839832053653220&tmod=1496952788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jl20ekcbX8&p=https%3A//www.blackhatrussia.com&dtd=553
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js Show response
pagead2.googlesyndication.com/bg/ Frame 395F 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 14:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14116
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 14:10:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AF6A 0
19 B 83ms
83ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgfMpKwomZJflJ43cYZvJgPAK4cX4zm78z57rqgunsNPEpw8QASCdlZ8mYJXikIKgB6AByLGpzQPIAQmoAwHIA8sEqgSWAk_QBBJ4e87JlWhrrWywzFpDpXHQ_jskcGj0XWkyFf0FYWpoZ_ID3YTv8jlecxK_giUjMsi0HhFcw4shPHbghAS8QUyJ6o6wPig7TY05dMmqUmo-y0UCPfk8eckdGDjgtOKqV8SKAyne2ixu4w1KRaMOcM_5544xSowqBBeKLETmOfA7o7JM3nD7JxruSwlLtQetL9hrvZIUL4Ek5ihhs_VoKIPM1nUuqXJcKCQjfCLZsPmqCbF_tmJEaRj7u9oqQJjptwIYI6iBxnlWG97rctWbyCluch_1hPIRds48_qeMgtLSQWdWbf2h1Uxo1cr1ZTCk6BVShGXbh-cTAKoZ1YqC9PpWhs2V0L-7aITHFBJbME-EAcxjwASe3eG46gGSBQQIBBgBkgUECAUYBKAGLoAH5OriNagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIGeENIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQN0BUBgBcBshccChoIABIUcHViLTM5MjY5NDIzNzg1MjY2OTkYAA&sigh=krTkGLlAQNc&uach_m=[UACH]&cid=CAQSGwDUE5ymyEFGTMs8Nn6pdSnxyQZFXXd1VDsMIRgB&template_id=5000&vis=1

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Mar 2023 22:16:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B51 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 14:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14116
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 14:10:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3F2E 0
19 B 83ms
83ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKhunKwomZJjlJ43cYZvJgPAK4cX4zm6mp5DyjQir1M3Bow8QASCdlZ8mYJXikIKgB6AByLGpzQPIAQmoAwHIA8sEqgSWAk_Q_GY8VWi76M2NsR7Lq49l5zuDKtqsE72X60CH-UGdJFfL0VjY46xDlkuDScvYuSU-ROSf02D7gqZ3Z3_WuBL-nsTHSJ9ALcbI6BrHX7BowTgCV5vH2xM1ESf73vCeWTyAWBsoc0qmKj57vksbRe6zhcTbdr8sFX5Fe5y6fxzHTuj4DSChEfOjnXtmj4t6P3udRJHFsRHwMjy-jrrGQRiVUzmFWgjYfDOf0FD3bkFW4FsccEOiiDRoeGsIGBc4YE9fapR1YXGiQxMFsAx81y0SUq_0bq8dwLMZbDc-JDpSoNiTaRiUHulYtZ85GSQCC1Y75-qKYXHrymxVyujOT4XPzKjXS9avWxNrAWq5RZ5G78NVKgt_wATI0aqx5wGSBQQIBBgBkgUECAUYBKAGLoAH5OriNagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKLlBdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQX0BUBgBcBshccChoIABIUcHViLTM5MjY5NDIzNzg1MjY2OTkYAA&sigh=bw6mMolNkg0&uach_m=[UACH]&cid=CAQSGwDUE5ymyEFGTMs8Nn6pdSnxyQZFXXd1VDsMIRgB&template_id=5000&vis=1

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Mar 2023 22:16:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2AD4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
55ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 22:16:14 GMT
expires: Thu, 30 Mar 2023 22:16:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 22:16:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js Show response
pagead2.googlesyndication.com/bg/ Frame A06F 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 14:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14116
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 14:10:21 GMT

GET
H3 200 wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js Show response
pagead2.googlesyndication.com/bg/ Frame 8CBD 36 KB
14 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/469-us-passport-psd-template.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 14:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14116
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 14:10:21 GMT

GET
H3 200 banner_db.php Show response
fundingchoicesmessages.google.com/f/AGSKWxXQGq1DmxsmbqiELE-mOskTJpeQXZupymBL8vhdB1cR2ef7dRBsJAB1lddPD3eMB5LZZsFdhKT7y46ZWQ0bMBM0L0U1qv8cYHFAB04FDf43iZI1Hzhl5E-HS7ZgwkbELhRB060ZcVK-usFl29SsecMpmT8J6... 54 B
109 B 56ms
56ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXQGq1DmxsmbqiELE-mOskTJpeQXZupymBL8vhdB1cR2ef7dRBsJAB1lddPD3eMB5LZZsFdhKT7y46ZWQ0bMBM0L0U1qv8cYHFAB04FDf43iZI1Hzhl5E-HS7ZgwkbELhRB060ZcVK-usFl29SsecMpmT8J6pCRiZ9a6n_krnJGgftOhvO6sk_JZNUL/_/468x060_/adsbyfalcon./adservice-/ad_premium./banner_db.php?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UERltZ7Ofy0.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMx-xFh9WYmTs70sPwdyKrJc0STrVw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54ced371aab9116622f353d6d08c41d2247f23902852bf3d8893a2505b1cbd28

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CwCSaFLR-Di3CCcTgPRJoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-CwCSaFLR-Di3CCcTgPRJoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 17:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Apr 2023 17:41:06 GMT

POST
H3 204 AGSKWxWF-SqMW998s9v7DEIN2Gh-ogFCy9tOgzpcMe-4TySceklgvS3T_sK9KWvDGEw3N9FhJR0Blw8iHd9T5WzXb5tsZHRDtceasKVOVP-9tensD1J_spRiQhOn4XgbA5Z8dK2uXX5qjw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 51ms
51ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWF-SqMW998s9v7DEIN2Gh-ogFCy9tOgzpcMe-4TySceklgvS3T_sK9KWvDGEw3N9FhJR0Blw8iHd9T5WzXb5tsZHRDtceasKVOVP-9tensD1J_spRiQhOn4XgbA5Z8dK2uXX5qjw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5sWp7LIXKtTDpZgAdsVzuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Mar 2023 22:16:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-5sWp7LIXKtTDpZgAdsVzuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.blackhatrussia.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ADFA 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuw5odx9hZxkOAyfSPUI_ugUM4iSi_b3qUNGHKrulaFwV9DU6T9mzDgF-ZmYmXtql8T3GNOzx4VAquMSdHXu6uE38v7YyoJyQX1k6warlrNup-BZl1KkRlJno9zBT8PQY2bQuqvkXkKxQo-AQ1c_NiibXL_CaQBxDy1DdOkPofNJOAyHN9ztq8WBCBtVhR-Zi4mkixYU_98_rKK9iQitUDiEb6PSkMEOjJT3yJ5tU1ddmst3Rxdd0hwwsBLPTbfRcYQCMxF2lJuomeRIiOMs3ugStzAGSfMJKD1AfMQNGdO21lk2ndaqfExC2B6CnN8NUDuX37b2gxqwlDYljC79Mqr0a8QU5VnqCMSIxy_BoyFcvbQE6H17e4kw35JHWQVI3x36KdAPmGdwaKPYuNDm7ciWiycEp9ck40ReOjqokaEAyoGfVxmlCeV7Z8aIXeNZNGZZ3CCZSwGpS1Ug4hko0aFGcCWdefkM6f9AteWszxrjNVgpQ1VCy70bxqmU7db6mAs6rzY7VLjAAS-OKXkb9d9h9WJIGF91tXoePd1bhP5bUHYDkcXkpD1WCeUUIBj8Wo3LsX9MFlKETixRJYOhXhSKAyy6bSwdivKMZeadPFCgPLoqXIkr5Cjt3hVdwMCLu6yqk_AWA0wdk68_3wD5-g399C2LywmFnemaM6TGM_C2uGDtnXV0aBF66oT3DYkw8Yce04Xyvg1AuRSHGrXHlQJdn-QHkpL7DE61nStXfJex27mGrg3Xjj9Pg5NxhOUQsxP7OYTvqnQ-QGcpiAVWYHyLryjCFq-Z3lwOdrWvMrysy3HndG3AUG9QAIzqVjzTtda-ts7j9U1LVcwqB4jcUhJ67g6ggTnerxsUJmrnbU7-95Plh3bc1va6O4aV-CYsJjuIVMPB1I8_Fha2dxzILL9YngHjepowdYhDo1TPU4KsXiF-zjrnB_PmyPEkHglH-kb7Hjo4gfUvn6t-yiCzqJxnIFsx3JWF7d4PeRVWOnbqQJZBMD6nCQ7JUUUMGuQzqczILJKUwUy0GNrBr5HJsFBH_cOElsuEboRgporfHgAv3Bo9KVpasmSE3MmgaqhnwvWHnSOmCMnp5fTI4paY8NEwACpHWPLisTPRQ&sai=AMfl-YSnX9n7AyYsoETvh7CgBblQrkRJLq_5YJ801fB_ZyXgwwMU_w3nE1Jg9KH27TiHoBu2sEvPnbqVbVYSfx8wU1iyda4jj8-Rkw&sig=Cg0ArKJSzEhYJHZFWa1jEAE&cid=CAQSGwDUE5ymOL7L6q4ThZPCf-lObx-4abx-776YihgB&id=lidar2&mcvt=1036&p=0,0,280,750&mtos=0,1036,1036,1036,1036&tos=0,1036,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=22&adk=3442936614&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680214571644&rpt=2113&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B573 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXFN2TmY-TZVeUR0lFFG8xRfX2je9qTuxJZW7QmULglKOBJaP7n9KXs7Fh6W5X1mvT6U3tew3LWX5w0WbLL_BvJaRdKEd38KvEmTa5Qs9CYDen9Bclo3uyrGMqIx8DL3qd4aRmyg&sai=AMfl-YQe6LLQjK9EBgtSbPI_wWgIclC_okSE1NUjEwDLNFhw1D1SLdw-ysGsKeJo6hzTAeP8QpyYVJWHNwN0&sig=Cg0ArKJSzMYPwb3KHeSdEAE&cid=CAQSGwDUE5ym9mrfAU2fLebuE14IwqDd7Tx3MlLqiBgB&id=lidar2&mcvt=1040&p=0,0,600,300&mtos=1040,1040,1040,1040,1040&tos=1040,0,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2449921201&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680214571637&rpt=2141&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWF-SqMW998s9v7DEIN2Gh-ogFCy9tOgzpcMe-4TySceklgvS3T_sK9KWvDGEw3N9FhJR0Blw8iHd9T5WzXb5tsZHRDtceasKVOVP-9tensD1J_spRiQhOn4XgbA5Z8dK2uXX5qjw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 54ms
54ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWF-SqMW998s9v7DEIN2Gh-ogFCy9tOgzpcMe-4TySceklgvS3T_sK9KWvDGEw3N9FhJR0Blw8iHd9T5WzXb5tsZHRDtceasKVOVP-9tensD1J_spRiQhOn4XgbA5Z8dK2uXX5qjw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f9wqy6DUJ7dP_ERccRKDWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Mar 2023 22:16:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-f9wqy6DUJ7dP_ERccRKDWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.blackhatrussia.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame B573 0
17 B 139ms
138ms Ping
image/gif 2607:f8b0:4000:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lfvodift&c=3653070003467&slotId=1826535001733.5&qqid=CJP2w4XXhP4CFQQUGAodJY4Ayw&dm=35021&event_name=first_play&asset_bytes=83375&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=28.51&met.4=ff.lfvodioa
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/42196e044d318fce4dd2b9ee7e6b9d71.js?tag=video_mra/web_raspberry_ms
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4000:800::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWF-SqMW998s9v7DEIN2Gh-ogFCy9tOgzpcMe-4TySceklgvS3T_sK9KWvDGEw3N9FhJR0Blw8iHd9T5WzXb5tsZHRDtceasKVOVP-9tensD1J_spRiQhOn4XgbA5Z8dK2uXX5qjw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 89ms
89ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWF-SqMW998s9v7DEIN2Gh-ogFCy9tOgzpcMe-4TySceklgvS3T_sK9KWvDGEw3N9FhJR0Blw8iHd9T5WzXb5tsZHRDtceasKVOVP-9tensD1J_spRiQhOn4XgbA5Z8dK2uXX5qjw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dc8dAoCHZHDwDfHrL9gklw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Mar 2023 22:16:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dc8dAoCHZHDwDfHrL9gklw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.blackhatrussia.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWF-SqMW998s9v7DEIN2Gh-ogFCy9tOgzpcMe-4TySceklgvS3T_sK9KWvDGEw3N9FhJR0Blw8iHd9T5WzXb5tsZHRDtceasKVOVP-9tensD1J_spRiQhOn4XgbA5Z8dK2uXX5qjw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 85ms
85ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWF-SqMW998s9v7DEIN2Gh-ogFCy9tOgzpcMe-4TySceklgvS3T_sK9KWvDGEw3N9FhJR0Blw8iHd9T5WzXb5tsZHRDtceasKVOVP-9tensD1J_spRiQhOn4XgbA5Z8dK2uXX5qjw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ft6nZlQh2AlSvBsQWf3iOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Mar 2023 22:16:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-ft6nZlQh2AlSvBsQWf3iOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.blackhatrussia.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUXuQVAorFN3s4nhyfo-SxiQs0prF1dmw9fYrVOxpz_-krKUu-9qVaM5x5szAr5fM_YRcPU3fCHe8e2sW2VXkE6p6t7Ax5T27g9zhk67vOdV00i0DPHPeA0LZBLJsuVHGdNeV5u9Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 74ms
74ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUXuQVAorFN3s4nhyfo-SxiQs0prF1dmw9fYrVOxpz_-krKUu-9qVaM5x5szAr5fM_YRcPU3fCHe8e2sW2VXkE6p6t7Ax5T27g9zhk67vOdV00i0DPHPeA0LZBLJsuVHGdNeV5u9Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgwMjE0NTc0LDg4NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmJsYWNraGF0cnVzc2lhLmNvbS80NjktdXMtcGFzc3BvcnQtcHNkLXRlbXBsYXRlLmh0bWwiLG51bGwsW1s4LCJVRVJsdFo3T2Z5MCJdLFs5LCJkZSJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89bf83ae775cee2f74fb4082ea1afe72b545d93803952b3cb25a459a0f3af066

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ADazxjF0NEvkFZuepvx8xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 22:16:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-ADazxjF0NEvkFZuepvx8xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVXFBUWHAKAtINQXWcvLgj8YBRdSnrcIpTo39ZK1TY2yDcmuY3UzsIBwv-Yttl65nXx9HjeixkDcKAkQTVb4d0Vn60FwPv_VojSyNWc2pTiXeGb9lP5HDvIFznh0HfDvM9yKMrqVg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 54ms
54ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVXFBUWHAKAtINQXWcvLgj8YBRdSnrcIpTo39ZK1TY2yDcmuY3UzsIBwv-Yttl65nXx9HjeixkDcKAkQTVb4d0Vn60FwPv_VojSyNWc2pTiXeGb9lP5HDvIFznh0HfDvM9yKMrqVg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MtUObysjmYMEW9icqP3zYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Mar 2023 22:16:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-MtUObysjmYMEW9icqP3zYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.blackhatrussia.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AF6A 42 B
64 B 79ms
79ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsse21VSkeev_8vDpvLIPxKjgKhSAL1D3RGFePG7rMgWW0rnjnUfjmuCFHAstshIhuViAYTov5N3_rwliZBQV7ym9UofI87lUActD7N9yVcoqsaLEycAto-vFiWoARCbCyHPqCYxlQ&sai=AMfl-YRVVf9PFqUtroUMmGZ2Xp2nETc1bS7rjHVpJyY3geNGtXTBTTwQbXVoPKQB2SRHE5hAC86cfTOlmo6E&sig=Cg0ArKJSzD-gjb4YGV3jEAE&cid=CAQSGwDUE5ymyEFGTMs8Nn6pdSnxyQZFXXd1VDsMIRgB&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680214572951&rpt=1030&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 414C 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYrSjHszz2b7-3XWGbmHNmNb3nobAPwROuYTiUFhpVEEXs6MRiGtGjPFduHcfePE86o2xMRHdqiJlgmZAqvTUfQ4Pa-9zSEbsa4W0mrg8QFgU_rZ8MCN_NZ9bnWIvi3soiPgLFo9-fGfDdtulNwj7OiMhocSrZ9BvkbdNGBbv1QRKtP4i_Jr7iDUfwBmxioREVQDQ3xyAj7Pl7Y9z6fLbqDsHJgB6GQxHTDwlGlhssw_0ywXy2_EEWIoxjc4kcOewV-MvuQ8ZJkeuYfFFHxPTI8mkdCVIYMCbheyWqP8jq-OcuuwtpYG7Cu0vRqJjQdqkVQ8RYuC9PbT_nIDpuxIlOcJtGHOcspyQeVM2ZJSTRFkoi2kHWc2sb76x9Ga0iyjTYrEQxjTtIoZLtW6ipcc8veCtkbHwEA43OVtlf5rgVGAElKTWenPh93zDpLuoCKekKppJbz0bFYFHE49HGbdibDJa2ipCUSJlkgiEwBsBn07HmpeRtyEU5VaoGsu4KM2KvD_waLFApLqmjUs_iYA8JlgJwshqADNzdUQ2GC7aM1E0dQEW6Bjt83Cd1TFc0xSmhVo7ZEldZdp-KrmMb-vUYaEoKlg1c8HBFlZUGr_tdm8XRK_J2i7chlvvZ1AtqiteFEkqrpyWjlBxReZEwicdZ5S4pbOsVPBMJg_c2KFTtDlI9eCIasQZXpJdssML_2x8BBpaExteVo6rY169u6MthDXooo6OYPgD4gPn9S4mVTqJip2Al1kaQpizkIas2ehYyInkfU_K0W7Lf3fxAhZEba3n1dSmjChXizzkhfRKvv_0WplXK24m62F18zLBLLktb5NkSXKDYs7cDxOkpITemHw7wdDuXCrYVFoWOb5KB5Me4m8mzlDh3elzMcd9eaV1lrtXRuRIW2nSBgYjXGykDdAzXt_9nF2NyUvcdtSGNcePXGdS0PSvOqCaxc8xx3ImsgGzy9xW4WpsBCuQuxsTVt9fptoUEbT6ENHKq282cIfnqubKzVeDo-wH5TdnyVlyJjGA_U-uGUM5e1m-ArBYliqc7fpb-R9wIfNrwFj_0M77NT-Q6CJxGb3-D9asXCLQW-m7ZD1-WJtNHJ1L6-ZI&sai=AMfl-YSNCFPe2d3BlN1wwT15VQlQkW67qAmUivaH17hiYOmXEODhrsSzfi2i-MpLrGTiVrHpNfA0oCZOUE_kFtUTjC5PTTC9WAdLng&sig=Cg0ArKJSzPHBk9RdsD1EEAE&cid=CAQSGwDUE5ymyEFGTMs8Nn6pdSnxyQZFXXd1VDsMIRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=898,1000,1000,1000,1000&tos=898,102,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680214572958&rpt=1163&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3F2E 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvj4BAMjDiaB_OvNK-YuikYpB09c7AcaGff-F8mYLPiezh025b__y13mmRNv67DzHzEPcPKB61aEvyEi9ovaPnadWhQOqQXZdNi0sPfzNyD5GPS74O_6jkP8-hSjN-PJmHE_rAJCQ&sai=AMfl-YQ2EbBFuYJCKYdSEwHRUkcYGNoB4tJkCZv36iE-LZqnKl_u_2Uqsxv2IP4PMHwbpH2pIMWsKJ3RMTxi&sig=Cg0ArKJSzGDGr-AVDcn_EAE&cid=CAQSGwDUE5ymyEFGTMs8Nn6pdSnxyQZFXXd1VDsMIRgB&id=lidar2&mcvt=1002&p=0,0,500,180&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680214572956&rpt=1054&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 22:16:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: share.pluso.ru
URL: https://share.pluso.ru/pluso-like.js

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.blackhatrussia.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: m4dvp1e467lsvad4q8u128juc7
.dtscout.com/	1970-01-20 10:43:39	Name: m Value: 1
.dtscout.com/	1970-01-20 10:43:48	Name: oa Value: 1
.dtscout.com/	1970-01-20 13:07:34	Name: df Value: 1680214571
.blackhatrussia.com/	1970-01-20 20:05:10	Name: __gads Value: ID=a3aac5d270662e32-221100b5efde0015:T=1680214571:RT=1680214571:S=ALNI_MazgFox-eyHHAi2UapVtxeq-LPtcQ
.blackhatrussia.com/	1970-01-20 20:05:10	Name: __gpi Value: UID=00000a379767cfb1:T=1680214571:RT=1680214571:S=ALNI_MawVUBXHEcu5Z3tTENUlurzFhKb6w
www.blackhatrussia.com/	1970-01-20 19:29:10	Name: LTFSESSID Value: ro8pg5brponeqe976hj1puecq2
.doubleclick.net/	1970-01-20 20:05:10	Name: IDE Value: AHWqTUlA3ZMAT4Wl4HeWfbGy26hRk31u2JJFcWwnhvkhki94GOcMzuxHIKeZerLOLeA
.doubleclick.net/	1970-01-20 10:43:38	Name: DSID Value: NO_DATA
.blackhatrussia.com/	1970-01-20 19:29:10	Name: FCNEC Value: %5B%5B%22AKsRol-RSQExkvtbi52xtQJc9qOHD_R4_8Y9XPlHIE3yN6WDAm6DHaw-aLuKR1OO6zEsRjPIq8qVgk4KgcLb0tK_vfqaCEoW3Xk_YekAhcDcNbr6hLtzzSKB8_f1rlAdX3IQW0RJjhVwSUc4ooqOFtuqtRPi5PM1Rg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-3926942378526699&fa=3&ifi=6&uci=a!6&btvi=2&xpc=mo6PyO44x4&p=https%3A//www.blackhatrussia.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-3926942378526699&fa=1&ifi=8&uci=a!8&btvi=4&xpc=RUnJPXpqg6&p=https%3A//www.blackhatrussia.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-3926942378526699&fa=4&ifi=7&uci=a!7&btvi=3&xpc=ryTHXuTdj5&p=https%3A//www.blackhatrussia.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.livetrafficfeed.com
cdn.tynt.com
connect.facebook.net
csi.gstatic.com
de.tynt.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i.postimg.cc
ic.tynt.com
image.ibb.co
livetrafficfeed.com
pagead2.googlesyndication.com
partner.googleadservices.com
preview.ibb.co
rr1---sn-5hneknee.googlevideo.com
scontent.xx.fbcdn.net
share.pluso.ru
static.getbutton.io
static.xx.fbcdn.net
t.dtscout.com
tpc.googlesyndication.com
waust.at
whos.amung.us
www.blackhatrussia.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
share.pluso.ru
104.18.36.173
111.90.142.140
139.99.46.91
162.19.58.161
162.19.61.80
2606:4700:10::6816:4aab
2606:4700:20::681a:407
2606:4700:21::8d65:780b
2607:f8b0:4000:800::2003
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:831::200e
2a00:1450:400e:8::6
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
67.202.105.32
67.202.105.34
95.216.228.15
0124bb3b0954666fee1c11c8c4ca8e18cc6586be4be1667e30b5277618c9c5a8
0228e83af168994728fff6fc1e9c29e601e4d0b2e5cbb28b950c4b37f0d1f785
02a5ba607169327f9866fc6a13ab05ad89a2585c40b454c9fac1c7b21bb7216b
044cb3ef39228f5d050dad399bc4a8aff808e0a116c0e8d12b5b327fd588c46b
046b2590a523494d1f7869c5f4a92c3b552f0b78c9b788922c406bb69b857fba
0587f0dd4df7fdddf5d4c8187c0e4e21477d031f6742c13aeaea2aa241d246ad
07f6582468ba8cafbb777c34e77502d0dfe8e42fa4f7cd6a984b1c2ab8e389ad
0af14c8c1c4106987297a09656d22bd9c5806b53a1d734e834442165b01c17f8
0dfd31a339e8dfacd9ea6fe4512835780a925e0b2d483caf11ecde1a3edd775c
0ea464d7c8116b89645977e593a2b72bec92790439ab3fbbbe1477d0d073f7ee
0f0a3e14fabf5c4e20367b1b49c8b6731ef4ef2b887c26a6d966f06c3f583e03
11a81c56b9e98e26e4c843bba5af919bcc161d4b04304690a92cef5e356a37a8
1490aad284b9af37c925810fe6cad4bf2b972ffbf906462c0e391d3218bd1224
171967fb384b673413e6425ecce333b8156a238760dbb6986d958ff502a6f915
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ad08f0af0cb54899a7473514ca9d32f4035fc654772143b7b45939a9b9f243d
1f75b6ee6e9bd2f4f0e4c5221d955dede1229eae2c137ad283fccc4918cc5bac
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
20b9f77fb50c9a36b849adb3ff16036ae5cf0dc972ed7861a122de20d8b08487
22c55af9e1447d0b4e3cb9c8b94c21a2750715ada4ff59c1cd86ef7f9d81c890
231d923cc3073c56e9be9462586d51753f1f8ab3c45a6988105856f3f19ca84b
232e6a543801fdd76783f05054702ade70c7ef318aa5be0d7238419f9873c4d0
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
25e85c88c08c030a0dce3220306f618f022c39684fb3f1527b90069fee77faae
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b46b8b2bf6ea470afbe9d4a2343a3e5d7c37774159decfbf0d475bcaeea7f00
2b99ce8dd7b740ffdb1135a978cbc4cbc6bac722b026bc4b40d9b9785b7acc64
2c7325ce8f082a3df083366cfbd688ccbebaed2622f78ad984626c46ada9a257
2c996f142c6fbb1ed7630b7fd168b3c75097183bb1b2a237567cbad416c85a09
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e239a7ef6b367100ceb17647f6057f4b9db339e29e8e0778151df9ca5e07e15
2f0253a9ee6c26c1c960191a7f349ced5600d94d5fe6e7bfc3dcc9125a963e99
3023eb4e52a557f35ebb06278848c69e3090647ceece87bba71a60598b2e7447
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
32c91f0e59e8bee6d1ceaede0be6ff4e946c3e65e3204b0c25389b58d292f6b5
382a5397dd5c60820a72c016a0a5bc074482e1ba72bfa35149be6c4f6c5073c5
3d5b6dcf1c2a190f3c0e349631cbd0db2688d48c3a57abf1644ecf985ddaf925
3da48afbe47fc124def22b7f1998aaf96a0d8d5d5652232fdd545cd550135794
3f1cdebfe02e8e40b8f88d9166bcf096678cf8f907fa736b13e99412479af55c
413710259178ac9f46d913b694ec5ad8bed16cf315726f9198cd0ec6e90ceb4e
4393dc4b08c9b2d3cc5d7886d9b3bc509fca66d885a9b77aa5203f5294d3ac08
43cef17a32d6403565654fc0972e73949f5cdb2c7e51830898b0738078f89f56
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4539b99daabba29a7cb9ddcb3ed09dcc61f07c222d98a2be580c0e0d875433f4
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
47845d8ec3e950a384c742215672d45457b690e10b9503dbfb95963683e8d885
49b25582e5fa4c30366f1db0fce08839201659a3e586928f3d063b356a5e2430
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b591e087b24a5a83fc978f66884e61fbed70f597738562cabb1075e1b0130b7
4c444545c886a942c71cda6fac3897448c6c6509593ab8a4792856ea2818aef2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f7efabaf6bb0e21501fea1151384cb6a6c5ab3bfed2dcee1533309d3446339f
54ced371aab9116622f353d6d08c41d2247f23902852bf3d8893a2505b1cbd28
55c4c97850e4070fbe92a8b49231c4dbc2f35ba7198de0133f8fac1234480878
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
57a5536480cd86cb4e1c70b1c3b553cafb2c055b4eb82be01335db0151b5ac81
5bf78aa885cab99a8c93c29bd4ef075bfbbeaf01650ca521f219e7f99c0b013c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e137b703d3b95300c7e6e02ecd911eb480291a018794e40d0e5443dbd23e6a6
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7
61d4c224645b84fb7edeb5a741efd26cd0bc1a4443f76f7665b4ba9e5f152dae
626ca6a5c8ffad1c09b52f1e27959674cbe23c9cf526e180e5115558c9b5e2b4
68053b0b29e66768a7bd8979251fd3d0428afb1afd669260682eaee463fb17d0
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
74633628b7f06429e99ada7855364b8d73bd75d64f9a2bfa0d3eb94849e6e376
791c219369bb41464d5bb8fc981d358c0263544c15ae66e35206267aec43bede
7e41d33405980997e712db2dcf8d13e2315abdb04aaf1e91b6309266716a5a18
7e5ae7ffdb04da0702ddbed2450aee6354063117f23743c4abdfbe73f4494d9b
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
82086f0311629c7ee6a01a4be243812253468828935001a8ea2b83966c7323f2
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
887f1bb7e66d195d7a8cc5dfd2b45ba6e773e3c56e436357a348af6795e988b9
898f696a3e7eab0e49c8d43b664a09446fd55ac04d9a9ddf26f2d7d2f24daa53
89bf83ae775cee2f74fb4082ea1afe72b545d93803952b3cb25a459a0f3af066
8ad14eeb748eee6a429d326f2232cac4917e4a1d798126911407094f13ca0bcf
8c34c37291ee6d38191ac0a84ef1aedde856af334a96245759d0482912edb067
8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
931afd0e47554a61b50d49e2aab0102cf6f47ccda0c913f660c06bf50abacc62
9343760a10e3464db1af7be0cc0b7c620183c25f03ef1abb9b4fcd8263de928d
9505d22a9881bd550fee754d461e808a76c98abaf98793ba474b9d787138fdb5
951b58813238f111504a062d1a972cb5de213779305db63a3dd64d8c33f2a5ac
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
99512739ca169911014a9d54e0ba81f6bca9928404890c2d5c1b824eaaa7caee
997f7818761aaa374ed1cf860ea3878be6cbe7c4c1be2855e99f44ce0db401b7
99822992382dc6b866383c384e2b4a3ce96d5d661b37db03e2df2aeced241422
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9e5e995f0936d63304195ab72af99edee3c10d218a5d57719b13c94780631127
a07a10727b1d53370fa0b010bbd7169e9863f4004f316860f1709850d01434ea
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
aa110663d6600fd847987ed2d5046deea4e65e27183e20c76a12d56206c86a57
adaae52977c0a55d01a5772bb1caa16a172a993744e11426bb2e21d7c1b54627
aed0a61267a42ae3d4aeab50c39b2c372066d404de5d6219bbc28ef3cc2f04e9
af8cd1cb4e1060d144a844f6d0b12b0887c5ebb2e521c9f2aaa7fefc7254d8b4
b03e45069c012ecd7bdb86a28a2a669e1edc57b3f6d5b35b26f4b53874722212
b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278
b2030569339b862f00a936d97af228b1bc2500d7f7162abc23be7d8acc710482
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
b4e8897f617acf8c561309a5d51674bc1cbef024b66acf21ceb35ddf76a0c16b
b6a084b954ef9cf21c9b84782a410fab051ab77ae2a4aff15c24c626c30df332
b6a1aac7f01f0a637038a98e9506c89712c23f895b369bfd928c2c5e3fbadb9a
b6f8fb0877ebbac082cbc81e6c207ba3806916c32cddcf65442f53c9e926bce8
b9bd5a2d950b6ef695d60ba988621416a6f78315ed3d7988ded857ed6cc80042
bb0b0ece3e619719589ee1730b31da0b10df5977dc290570e1dab5634ebd3bdd
bb69356308245cad3eb7984d79c0b6c324bfac7ebc4d7ff9e6df994e53dfaed3
bbd34a8dfb91f71af541deeaa19d5ddcc07b84af7218bd01f1b1faadc3547afd
bd8c67464afae3ae168963c8233096c0af297b528ba80ceffee7c72546c8e290
bdbca38a6436221f0c4c54f15947bb5ffa4f3df0c69d448a9f14869d3b6b6b40
bf953efe8e0f5b3f720d2e3f738dc0c85a38016e9e090c5b7bd90a21dc494155
c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c32ffa2b943af90e3fe0028de115848152e8440db0ab5bd8a9b20494d9b34aa9
c6db5c878629f1ac4c1d69e70b6e72aae966fb18ca5dce36ed0fade2d4b82cbb
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c879ad879a4b2251a2944326949ef9eb289c6607182db160e057686cae5614ab
c88417d536eab670b2771f604d69cc2ec6136abf5109c78e7c9fd6b0d0282220
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cc0d49dfd20b6ece5010cdd54bdefad3fe2df62828dc6c579cbaf5a4e63a9fe0
cc5c57482edb138cccdf20e5bf6e11fb109fd17159281b3522d27b854e781ad4
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cd33d9ee68e29c31be3ed545ff30184288b26cfc1778c2e461bf10507d0de07d
ce405aa0f160ca48de86d34b5c16333780a268b9fd7ca1c0df7ca3601a3b8f68
cf658e5812fe693304264a1b126dc3e36f9ee7f849afbf560508074166c4c5d2
d0c88b84ad7a28bb57338a0939b0728c20e37accb35ffc15be947dcef614ecfd
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d2429dfbe741449bf01449b46bbf212b18f464038995e771ca9a4bb1e0925610
d279a6d329eebf6436d8998c9612d242a49c0f0bc1c07dbd21c051f0fb37e96a
d30f8b4e7f947843a40a38276e1755f0c4ced815871656a67dd1c59132f65604
d3c42ad0fea264e8eacd4c38c8a87d9a9e2c8c822a2b57431f40cd531a1b7698
d83f8be07f0b015b347a491c8429eea4bdedc305e983a2a4118e8f1a09631957
dc1cbdbbb3abee25ba8741382fd3ce4304a660502b8b03e83ef8dc9514e1ef66
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e04e2b4e27ae9881b1e161954cc00ba16c8c3a0ce73a179824756353efd6c481
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a70cf1134dac71045e302999a2849f2824e29bc3a722592b4f0b55e1b0e4a8
e9a02913e28dd00a0463974773922a3fa89cbe2c0c21127b2b79e655df93b1f7
ecd98f11dc0c69bde1108e7293a14fa6cb157ac0c7e563b2a192a141d013bf5f
ed2170c985d7a945b0c2aea5817f56c12bfce53c05359a6e14e238d3b5ac46ba
ed7f6870e2cebf184837dd93287e5da59fae094cb79d49931f565aede1a4f39f
eefbb91e14034edeff586b1ad5e0f866a0cc3d084aca7380e2725056ec9e2924
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c68deb996de31b19095e0499ac66780d665d3ac3f8db8f5a9db01c7e4e9420
f4d00d2b1105c2e78c8ce501c375b86d495e86d5451ea08b439ad0b9270d3ab8
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f99a2c60ac365f5cebd3b520372c07dac909708e0fb5f8848a0a967c7fc0b98e
fa284ca4fedda502c0e4a5792eab148f92d17396d58a5280f13c7192cab7eaae
fa77f6a55fa061f318809c4c7e1afe06279914657199e902a762c000c8db2a65
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fc9595ee8439c5d2990126d60c5587c1120741b96a168e278e6d47defccea5fa
ff6827d4444bb6a00e4ee00770fcc3d8ff6b5c88a9e19997933e5b4ac4a35a45

www.blackhatrussia.com Open in urlscan Pro 111.90.142.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

289 Requests

99 %HTTPS

69 %IPv6

22 Domains

32 Subdomains

26 IPs

8 Countries

8868 kBTransfer

17988 kBSize

10 Cookies

12 Outgoing links

Redirected requests

289 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.blackhatrussia.com Open in urlscan Pro
111.90.142.140 Public Scan

Screenshot
Live screenshot

Full Image

289
Requests

99 %
HTTPS

69 %
IPv6

22
Domains

32
Subdomains

26
IPs

8
Countries

8868 kB
Transfer

17988 kB
Size

10
Cookies

289 HTTP transactions
12 data transactions