www.blackhatrussia.com Open in urlscan Pro
111.90.142.140 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.blackhatrussia.com/504-jps-virus-maker.html
Submission: On January 11 via manual (January 11th 2023, 2:11:20 am UTC) from CA — Scanned from CA

Summary HTTP 314 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 49 domains to perform 314 HTTP transactions. The main IP is 111.90.142.140, located in Malaysia and belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY. The main domain is www.blackhatrussia.com.
TLS certificate: Issued by R3 on December 15th 2022. Valid for: 3 months.

This is the only time www.blackhatrussia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	111.90.142.140 111.90.142.140	45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
15	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	185.150.190.236 185.150.190.236	23470 (RELIABLESITE) (RELIABLESITE)
7	104.243.38.177 104.243.38.177	23470 (RELIABLESITE) (RELIABLESITE)
1	146.75.36.193 146.75.36.193	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	139.99.46.91 139.99.46.91	16276 (OVH) (OVH)
11	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
1 2	176.9.188.20 176.9.188.20	24940 (HETZNER-AS) (HETZNER-AS)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.32.164.88 13.32.164.88	16509 (AMAZON-02) (AMAZON-02)
3	18.220.3.90 18.220.3.90	16509 (AMAZON-02) (AMAZON-02)
2	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4aba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e0:... 2606:4700:e0::ac40:6a19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	141.94.170.77 141.94.170.77	16276 (OVH) (OVH)
9 9	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	52.87.94.71 52.87.94.71	14618 (AMAZON-AES) (AMAZON-AES)
3 3	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
1 1	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
2 4	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
1	13.225.223.33 13.225.223.33	16509 (AMAZON-02) (AMAZON-02)
4	104.64.213.153 104.64.213.153	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.160.225.62 18.160.225.62	16509 (AMAZON-02) (AMAZON-02)
8	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.135.147.228 3.135.147.228	16509 (AMAZON-02) (AMAZON-02)
4 10	52.55.144.0 52.55.144.0	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
3 6	104.126.112.185 104.126.112.185	16625 (AKAMAI-AS) (AKAMAI-AS)
2 22	2607:f8b0:400... 2607:f8b0:4006:820::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2006	15169 (GOOGLE) (GOOGLE)
1	104.71.223.212 104.71.223.212	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	63.251.86.50 63.251.86.50	10913 (INTERNAP-BLK) (INTERNAP-BLK)
1	104.18.36.173 104.18.36.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
74	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f00... 2a03:2880:f00e:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
14	2607:f8b0:400... 2607:f8b0:4006:80a::200e	15169 (GOOGLE) (GOOGLE)
1	18.160.213.86 18.160.213.86	16509 (AMAZON-02) (AMAZON-02)
4 4	3.93.209.92 3.93.209.92	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1f18:ed:... 2600:1f18:ed:550a:e5e8:a01c:2029:474f	14618 (AMAZON-AES) (AMAZON-AES)
2 2	104.18.99.194 104.18.99.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.92.190.69 23.92.190.69	10913 (INTERNAP-BLK) (INTERNAP-BLK)
1 1	35.194.66.159 35.194.66.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1 2	3.216.210.67 3.216.210.67	14618 (AMAZON-AES) (AMAZON-AES)
3 3	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1	172.64.152.222 172.64.152.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	52.203.85.239 52.203.85.239	14618 (AMAZON-AES) (AMAZON-AES)
2 3	68.67.160.117 68.67.160.117	29990 (ASN-APPNEX) (ASN-APPNEX)
4 5	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1 1	52.54.29.118 52.54.29.118	14618 (AMAZON-AES) (AMAZON-AES)
1	3.209.207.39 3.209.207.39	14618 (AMAZON-AES) (AMAZON-AES)
2 2	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	2606:4700:10:... 2606:4700:10::ac43:8f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
314	53

16 111.90.142.140 (Malaysia)

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: server1.kamon.la

www.blackhatrussia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:81d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.150.190.236 (United States)

ASN23470 (RELIABLESITE, US)

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.243.38.177 (Oxford, United States)

ASN23470 (RELIABLESITE, US)
PTR: disuanqi.dadongeng.cn

image.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.193 (Reston, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 139.99.46.91 (Singapore)

ASN16276 (OVH, FR)
PTR: 91.ip-139-99-46.eu

cdn.livetrafficfeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
livetrafficfeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:824::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.9.188.20 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.20.188.9.176.clients.your-server.de

static.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.164.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-164-88.ord58.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.220.3.90 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-220-3-90.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4aba (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6a19 (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.94.170.77 (France) 5 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.33.220.150 (United States) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.87.94.71 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-94-71.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.16.197.56 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.90.66 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:1957 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.162 (Glen Cove, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.223.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-33.jfk51.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.64.213.153 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-213-153.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.225.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-225-62.ord58.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.135.147.228 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-147-228.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.55.144.0 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-144-0.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.126.112.185 (New York, United States) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4006:820::2001 (Nutley, United States) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:821::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2006 (Nutley, United States)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.71.223.212 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-223-212.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.251.86.50 (Woodbridge, United States) 1 redirects

ASN10913 (INTERNAP-BLK, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f00e:13:face:b00c:0:3 (Toronto, Canada)

ASN32934 (FACEBOOK, US)

scontent-yyz1-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:80a::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.213.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-213-86.ord58.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.93.209.92 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-209-92.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:ed:550a:e5e8:a01c:2029:474f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.99.194 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.92.190.69 (Charlotte, United States)

ASN10913 (INTERNAP-BLK, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.194.66.159 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.216.210.67 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-210-67.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.24 (Palos Park, United States) 3 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.222 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-tc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.203.85.239 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-85-239.compute-1.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.117 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.178.246.49 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.29.118 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-29-118.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.207.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-207-39.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.186 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:8f4 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

api.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 548 scontent-yyz1-1.xx.fbcdn.net — Cisco Umbrella Rank: 20670	1 MB
34	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	456 KB
17	google.com adservice.google.com — Cisco Umbrella Rank: 142 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2085	52 KB
17	livetrafficfeed.com cdn.livetrafficfeed.com — Cisco Umbrella Rank: 227669 livetrafficfeed.com — Cisco Umbrella Rank: 200161	31 KB
16	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321 static.doubleclick.net — Cisco Umbrella Rank: 393	159 KB
16	blackhatrussia.com www.blackhatrussia.com	231 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	144 KB
12	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 18561	2 MB
11	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 20487 t.sharethis.com — Cisco Umbrella Rank: 8957 sync.sharethis.com — Cisco Umbrella Rank: 4177	17 KB
10	eyeota.net 4 redirects ps.eyeota.net — Cisco Umbrella Rank: 1405	5 KB
9	adsrvr.org 9 redirects match.adsrvr.org — Cisco Umbrella Rank: 456	4 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	132 KB
7	ibb.co image.ibb.co — Cisco Umbrella Rank: 134238 i.ibb.co — Cisco Umbrella Rank: 11302	686 KB
6	liadm.com 4 redirects i.liadm.com — Cisco Umbrella Rank: 881 i6.liadm.com — Cisco Umbrella Rank: 2220	3 KB
6	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 866 ce.lijit.com — Cisco Umbrella Rank: 1325	7 KB
6	bluekai.com 3 redirects tags.bluekai.com — Cisco Umbrella Rank: 807 stags.bluekai.com — Cisco Umbrella Rank: 838	2 KB
6	crwdcntrl.net 3 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1879 sync.crwdcntrl.net — Cisco Umbrella Rank: 1114 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1326	28 KB
5	tapad.com 4 redirects pixel.tapad.com — Cisco Umbrella Rank: 674	946 B
5	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 670 ib.adnxs.com — Cisco Umbrella Rank: 318	5 KB
5	onaudience.com 5 redirects pixel.onaudience.com — Cisco Umbrella Rank: 4199	2 KB
5	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4767 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5749 data-beacons.s-onetag.com — Cisco Umbrella Rank: 10910	14 KB
4	33across.com 3 redirects dp2.33across.com — Cisco Umbrella Rank: 15293 cdn-tc.33across.com — Cisco Umbrella Rank: 29341 dp1.33across.com — Cisco Umbrella Rank: 10897	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	192 KB
4	zeotap.com 2 redirects spl.zeotap.com — Cisco Umbrella Rank: 4007 mwzeom.zeotap.com — Cisco Umbrella Rank: 3376	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	3 KB
3	affec.tv 2 redirects map.go.affec.tv — Cisco Umbrella Rank: 12216	2 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 14423 ic.tynt.com — Cisco Umbrella Rank: 6368 de.tynt.com — Cisco Umbrella Rank: 2271	10 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 525	550 B
3	exelator.com 3 redirects loada.exelator.com — Cisco Umbrella Rank: 41763 loadus.exelator.com — Cisco Umbrella Rank: 1803	2 KB
3	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 9435	5 KB
3	google.ca adservice.google.ca — Cisco Umbrella Rank: 14407	1 KB
2	retargetly.com 2 redirects api.retargetly.com — Cisco Umbrella Rank: 8015	855 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1960 beacon.krxd.net — Cisco Umbrella Rank: 803	499 B
2	adsymptotic.com 2 redirects p.adsymptotic.com — Cisco Umbrella Rank: 3897	513 B
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 2739	467 B
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1541 ups.analytics.yahoo.com — Cisco Umbrella Rank: 405	1 KB
2	getbutton.io 1 redirects static.getbutton.io — Cisco Umbrella Rank: 28184	93 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	89 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1600	438 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1282	603 B
1	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 2542
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 5325	16 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 9585	182 B
1	dtssrv.com a.dtssrv.com — Cisco Umbrella Rank: 17926	594 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 10398	604 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	704 B
1	waust.at waust.at — Cisco Umbrella Rank: 31717	7 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 4867	39 KB
0	pluso.ru Failed share.pluso.ru Failed
314	49

	Domain	Requested by
74	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
22	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net
16	www.blackhatrussia.com	www.blackhatrussia.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com www.blackhatrussia.com
14	cdn.livetrafficfeed.com	www.blackhatrussia.com
12	www.gstatic.com	googleads.g.doubleclick.net
12	i.postimg.cc	www.blackhatrussia.com
12	pagead2.googlesyndication.com	www.blackhatrussia.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com www.googletagservices.com
10	ps.eyeota.net	4 redirects www.blackhatrussia.com data-beacons.s-onetag.com
9	match.adsrvr.org	9 redirects
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.facebook.com	connect.facebook.net static.xx.fbcdn.net
5	pixel.tapad.com	4 redirects www.blackhatrussia.com
5	tags.bluekai.com	2 redirects tags.bkrtx.com de.tynt.com www.blackhatrussia.com
5	pixel.onaudience.com	5 redirects
4	i.liadm.com	4 redirects
4	scontent-yyz1-1.xx.fbcdn.net	www.facebook.com
4	static.doubleclick.net	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	sync.sharethis.com	www.blackhatrussia.com
4	t.sharethis.com	pd.sharethis.com t.sharethis.com www.blackhatrussia.com
4	fonts.googleapis.com	www.blackhatrussia.com googleads.g.doubleclick.net
4	i.ibb.co	www.blackhatrussia.com
3	secure.adnxs.com	2 redirects www.blackhatrussia.com
3	map.go.affec.tv	2 redirects www.blackhatrussia.com
3	ce.lijit.com	www.blackhatrussia.com
3	ap.lijit.com	1 redirects www.blackhatrussia.com data-beacons.s-onetag.com
3	idsync.rlcdn.com	2 redirects www.blackhatrussia.com
3	livetrafficfeed.com	cdn.livetrafficfeed.com www.blackhatrussia.com
3	cm.g.doubleclick.net	3 redirects
3	pd.sharethis.com	t.dtscout.com www.blackhatrussia.com t.sharethis.com
3	get.s-onetag.com	t.dtscout.com get.s-onetag.com
3	t.dtscout.com	waust.at t.dtscout.com
3	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.ca	pagead2.googlesyndication.com
3	image.ibb.co	www.blackhatrussia.com
2	api.retargetly.com	2 redirects
2	ib.adnxs.com	2 redirects
2	dp2.33across.com	2 redirects
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	p.adsymptotic.com	2 redirects
2	i6.liadm.com	www.blackhatrussia.com
2	ml314.com	1 redirects www.blackhatrussia.com
2	loadus.exelator.com	2 redirects
2	mwzeom.zeotap.com	www.blackhatrussia.com
2	spl.zeotap.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	tags.crwdcntrl.net	t.dtscout.com cdn-tc.33across.com
2	static.getbutton.io	1 redirects www.blackhatrussia.com
2	connect.facebook.net	www.blackhatrussia.com connect.facebook.net
1	d.turn.com	1 redirects
1	dp1.33across.com	1 redirects
1	beacon.krxd.net	www.blackhatrussia.com
1	usermatch.krxd.net	1 redirects
1	cdn-tc.33across.com	de.tynt.com
1	de.tynt.com	cdn.tynt.com
1	stags.bluekai.com	1 redirects
1	ic.tynt.com	www.blackhatrussia.com
1	um.simpli.fi	1 redirects
1	api.intentiq.com	data-beacons.s-onetag.com
1	cdn.tynt.com	waust.at
1	tags.bkrtx.com	pd.sharethis.com
1	whos.amung.us	waust.at
1	data-beacons.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	loada.exelator.com	1 redirects
1	a.dtssrv.com	t.dtscout.com
1	t.dtscdn.com	t.dtscout.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	waust.at	www.blackhatrussia.com
1	i.imgur.com	www.blackhatrussia.com
0	share.pluso.ru Failed	www.blackhatrussia.com
314	75

This site contains links to these domains. Also see Links.

Domain
t.me
anonfiles.com
www.mirrored.to
mirrorace.org
www.facebook.com
twitter.com
www.youtube.com
whos.amung.us
livetrafficfeed.com
wa.me

Subject Issuer	Validity	Valid
blackhatrussia.com R3	`2022-12-15` - `2023-03-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-20` - `2023-01-18`	3 months	crt.sh
postimg.cc R3	`2022-12-17` - `2023-03-17`	3 months	crt.sh
ibb.co R3	`2022-12-08` - `2023-03-08`	3 months	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-04`	a year	crt.sh
cdn.livetrafficfeed.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-30` - `2023-11-02`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.dtscout.com GTS CA 1P5	`2022-11-30` - `2023-02-28`	3 months	crt.sh
*.s-onetag.com Amazon	`2022-12-04` - `2024-01-02`	a year	crt.sh
sharethis.com Amazon	`2022-06-21` - `2023-07-20`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.dtscdn.com GTS CA 1P5	`2022-11-21` - `2023-02-19`	3 months	crt.sh
cert1.a1.atm.aqfer.net R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
livetrafficfeed.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-30` - `2023-11-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
*.intentiq.com Amazon	`2022-03-20` - `2023-04-17`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.blackhatrussia.com/504-jps-virus-maker.html
Frame ID: 3AFBE5A1A0B11825BA0B9215F5745835
Requests: 123 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20190131/zrt_lookup.html
Frame ID: 07196B5D9E7AA9F81D56E4C0C7490FC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3926942378526699&output=html&adk=1812271804&adf=3025194257&lmt=1673403072&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673403071977&bpp=340&bdt=180&idt=465&shv=r20230109&mjsv=m202212050103&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3052224095165&frm=20&pv=2&ga_vid=1161304269.1673403072&ga_sid=1673403072&ga_hid=82569676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C44779793&oid=2&pvsid=4465137890185292&tmod=1078062633&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=492
Frame ID: 1ED499B7B47310D99F41C905B20411B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1673403072&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673403072652&bpp=25&bdt=854&idt=25&shv=r20230109&mjsv=m202212050103&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3052224095165&frm=20&pv=1&ga_vid=1161304269.1673403072&ga_sid=1673403072&ga_hid=82569676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C44779793&oid=2&pvsid=4465137890185292&tmod=1078062633&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WX3HnsOTrI&p=https%3A//www.blackhatrussia.com&dtd=33
Frame ID: B9CFE8DDE2BBFA3E5CFDF0F2BFAFF33F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1673403072&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673403072729&bpp=9&bdt=931&idt=9&shv=r20230109&mjsv=m202212050103&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=3052224095165&frm=20&pv=1&ga_vid=1161304269.1673403072&ga_sid=1673403072&ga_hid=82569676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C44779793&oid=2&pvsid=4465137890185292&tmod=1078062633&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=peTvaq37YE&p=https%3A//www.blackhatrussia.com&dtd=13
Frame ID: F7E2BE99D0444478D0A99B20E89FBD07
Requests: 15 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=104016734030727C3CB4B241B197F171
Frame ID: BB6AE8EA0BBABD3F31C8AC8FE28BDE25
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1109.23349&cid=c010&cls=C
Frame ID: 5919D752F5E789AF67AD1C6C53E2AE45
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1109.23349/a/CA/t_.js?cid=c010&cls=C
Frame ID: 00D0ABD332E2136C65FAE0E376A94F2E
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv14.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1a4ce917457448%2526domain%253Dwww.blackhatrussia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blackhatrussia.com%25252Ff2f592a3c20df0c%2526relation%253Dparent.parent%26container_width%3D360%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblackhatrussiaofficial007%26locale%3Den_GB%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width
Frame ID: 6693FDE75FE44F24EB25EED108099533
Requests: 56 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv14.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df145371adf0519%2526domain%253Dwww.blackhatrussia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blackhatrussia.com%25252Ff2f592a3c20df0c%2526relation%253Dparent.parent%26container_width%3D263%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblackhatrussiaofficial007%26locale%3Den_GB%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width
Frame ID: D7E03EEE9FB6D60B016AF2E4FC3A1407
Requests: 58 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: D864B59FF231D7EFD8DF4AE66D5A4007
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=63150
Frame ID: A8EE1D7A900EFC452EFE51744FA89D01
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: D560015701B726037CA0A9D6188D7624
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/5386?id=70484889-ebba-4b5c-9c7f-1555ae41aa31&gdpr=0&gdpr_consent=
Frame ID: B3D06265CF4F614895EE0723353B2AEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2D0287880DDDBEF4403BFDACDE27EBB9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Frame ID: 11C25EC04789839BD691C443B8111DA9
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 856E492A5F779F2E3D2E5601A5C1BBCE
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212075679201354&ret=html&random=1673403074
Frame ID: 0DC630ECB576146F34332BE6791E2A15
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: CE08476A0EEF21480D428A4FE74ACEFA
Requests: 3 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/7d0b7188506749bb068f2c695a7a947e.js?tag=client_fast_engine_2019
Frame ID: F91E1282B8D172C9D113124EAFB43819
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 82828ECE1EAB136A8CB34BBE5AF7FC94
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 1563378742DDA6D6854D82C5704EB678
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JPS Virus Maker » learn all kind of hacking

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

314
Requests

83 %
HTTPS

36 %
IPv6

49
Domains

75
Subdomains

53
IPs

7
Countries

5954 kB
Transfer

12266 kB
Size

66
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/adrikadi
Title: https://t.me/adrikadi

Search URL Search Domain Scan URL

URL: https://anonfiles.com/vfwfg2Ley2/JPS_Virus_Maker_rar
Title: Download Link 1

Search URL Search Domain Scan URL

URL: https://www.mirrored.to/files/EG23RJJ9/JPS_Virus_Maker.rar_links
Title: Download Link 2

Search URL Search Domain Scan URL

URL: https://mirrorace.org/m/3Pxbd
Title: Download Link 3

Search URL Search Domain Scan URL

URL: https://www.facebook.com/blackhatrussiaofficial007

Search URL Search Domain Scan URL

URL: https://twitter.com/blackhatrussia0

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCGtC3aSzaFYnh8sQVhT8TKg

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/2jl8c6alqn/
Title: 5

Search URL Search Domain Scan URL

URL: https://livetrafficfeed.com/
Title: Live Traffic Feed

Search URL Search Domain Scan URL

URL: https://livetrafficfeed.com/live/blackhatrussia.com
Title: Real-time

Search URL Search Domain Scan URL

URL: https://livetrafficfeed.com/what-is-my-ip
Title: More Info

Search URL Search Domain Scan URL

URL: https://wa.me/79017473945
Title: Message us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://static.getbutton.io/widget-send-button/js/init.js HTTP 302
https://static.getbutton.io/widget/bundle.js

Request Chain 61

https://pixel.onaudience.com/?partner=137085098&mapped=104016734030727C3CB4B241B197F171 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=70484889-ebba-4b5c-9c7f-1555ae41aa31&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=25f874b7f2b4a1e8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=25f874b7f2b4a1e8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=2098dff33ee36f692f526484e827eb51&gdpr=0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d479322af39ca51391d4d2e31a691bcc&gdpr=0 HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=252&mapped=y-7jb9vOVE2pQwwuDxvCV7vE71N5QToQx2vA--~A&gdpr=0 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=25f874b7f2b4a1e8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d4692cd3-2dad-4029-411c-5e55e5a61af0&reqId=259fe932-2151-4af3-4880-ca1865bc37ae&zcluid=25f874b7f2b4a1e8&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEHkdqdEZcN7lzNm7o8OFPWk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d4692cd3-2dad-4029-411c-5e55e5a61af0&reqId=259fe932-2151-4af3-4880-ca1865bc37ae&zcluid=25f874b7f2b4a1e8&zdid=1332

Request Chain 74

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=4003f191-439d-4127-b5cf-a958120b9405&gdpr=0&gdpr_consent=

Request Chain 75

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=d479322af39ca51391d4d2e31a691bcc

Request Chain 76

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2F6w9UnJs0I2nUIltgcqIX9vU8WFAFfGOQv3R_3tmOEQ&gdpr=0&gdpr_consent=

Request Chain 77

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHgACGO%2BGsEAAAAIJhgRAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3632800557477920817 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMjgwMDU1NzQ3NzkyMDgxNxAAGg0IwbX4nQYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=773797b9459d95db5ea9d6ae13404212f10d8c50361c5b6fea974b731cd46d44f4cb09cee1a4f8eb&person_id=3632800557477920817&eid=50082

Request Chain 78

https://tags.bluekai.com/site/59574?id=ZHgACGO%2BGsEAAAAIJhgRAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 87

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr8fX2TxDeAhjeAjIIQDue9aoigZ8 HTTP 301
https://tpc.googlesyndication.com/simgad/6577506610223554973

Request Chain 90

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 138

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr8fX2TxDeAhjeAjIIQDue9aoigZ8 HTTP 301
https://tpc.googlesyndication.com/simgad/6577506610223554973

Request Chain 141

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=F91DiSZHA67WiadrRb22rX0O&rnd=36663 HTTP 303
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=F91DiSZHA67WiadrRb22rX0O&rnd=36663&_li_chk=true&previous_uuid=09b6229e51ed43cc9e53065f5fa7e7a0 HTTP 303
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=36663&bidder_uuid=F91DiSZHA67WiadrRb22rX0O

Request Chain 142

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=F91DiSZHA67WiadrRb22rX0O&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=63972 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=F91DiSZHA67WiadrRb22rX0O&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=63972&_expected_cookie=bd0e3f95974247110e924d7b56e89ddc HTTP 302
https://ce.lijit.com/merge?pid=5014&3pid=bd0e3f95974247110e924d7b56e89ddc

Request Chain 143

https://um.simpli.fi/lj_match?r=2689 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=E037D6C2FD6C4E128B5E17BAD4951555

Request Chain 144

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=F91DiSZHA67WiadrRb22rX0O&rnd=36083 HTTP 303
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=F91DiSZHA67WiadrRb22rX0O&rnd=36083&_li_chk=true&previous_uuid=75143ef0306d4925a5264eb1bac5ecf4 HTTP 303
https://i6.liadm.com/s/57333?bidder_id=204553&rnd=36083&bidder_uuid=F91DiSZHA67WiadrRb22rX0O

Request Chain 147

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHgACGO%2BGsEAAAAIJhgRAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1109.23349%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1109.23349%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=20774829 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=70484889-ebba-4b5c-9c7f-1555ae41aa31&gdpr=0&gdpr_consent=

Request Chain 181

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=F91DiSZHA67WiadrRb22rX0O/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=2098dff33ee36f692f526484e827eb51

Request Chain 184

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1673403074249.4&r=true HTTP 302
https://tags.bluekai.com/site/27519?id=212075679201354&ret=html&random=1673403074

Request Chain 186

https://map.go.affec.tv/map/3a/?pid=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&ts=1673403074249.1 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D63be1ac2d21877000100788c%26chc%3Dtt%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D63be1ac2d21877000100788c%2526chc%253Dtt%2526gdpr%253D%2526gdpr_consent%253D%2526redirect_url%253D HTTP 302
https://map.go.affec.tv/map/an/2528948850074157157?ch=63be1ac2d21877000100788c&chc=tt&gdpr=&gdpr_consent=&redirect_url= HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=63be1ac2d21877000100788c&chc=tt%7Can&gdpr=&gdpr_consent=&redirect_url= HTTP 302
https://map.go.affec.tv/map/ttd/70484889-ebba-4b5c-9c7f-1555ae41aa31?ttd_puid=&gdpr=0&gdpr_consent=

Request Chain 187

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&random=1673403074249.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&random=1673403074249.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a7f353b7-4fc7-4dc6-8773-491fc0d2c371%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=70484889-ebba-4b5c-9c7f-1555ae41aa31&ttd_puid=a7f353b7-4fc7-4dc6-8773-491fc0d2c371%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

Request Chain 188

https://dp2.33across.com/ps/?pid=1205&rand=1673403074249.3&r=true HTTP 302
https://idsync.rlcdn.com/405716.gif?partner_uid=212075679467106

Request Chain 189

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&33random=1673403074249.5&cat=33across HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkdlVVpwLVFmQU9YelRmME5lTkZEVjhnRXFic01qYm1tWU9xTDhkM01hbzg&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEO-fsmfk8riHnnSY2yjFXlw&google_cver=1

Request Chain 190

https://spl.zeotap.com/z.png?zdid=239&ctry=CA&env=mWeb&eventType=pageview&zpb=w%212jl8c6alqn&zpbcat=Technology%2FComputers&zcluid=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&ziid=1673403074249.6 HTTP 302
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=d4692cd3-2dad-4029-411c-5e55e5a61af0&reqId=b41adb7c-8965-4879-4449-6f34b685a081&us_privacy=&zcluid=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&zdid=239&ziid=1673403074249.6&zpb=w%212jl8c6alqn&zpbcat=Technology%2FComputers HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=2528948850074157157&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=d4692cd3-2dad-4029-411c-5e55e5a61af0&reqId=b41adb7c-8965-4879-4449-6f34b685a081&us_privacy=&zcluid=CoIKS2O+GsFF77GoNl5ZAg==&zdid=239&ziid=1673403074249.6&zpb=w!2jl8c6alqn&zpbcat=Technology/Computers

Request Chain 191

https://dp1.33across.com/ps/?pid=669&uid=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&random=1673403074249.8&r=true HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212075679467131&seg_code=33x&random=1673403074

Request Chain 192

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&33random=1673403074249.9&cat=33across HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=70484889-ebba-4b5c-9c7f-1555ae41aa31&bid=1e2n4ou

Request Chain 232

https://tags.bluekai.com/site/39798?limit=1&id=2fCn_y9IZmvhZ73fBT5kzjIYm9DixtNE4qRkrao19-tc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=M2lXbnNDd005OU9BV3E4TQ%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEP3LZ00xnfcdazi3RrOGdWo&google_cver=1

Request Chain 233

https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2XwiVf5FGg21Cl5oh6JbB4QoTJWmupb7s8KS5YOnc-5U HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a7f353b7-4fc7-4dc6-8773-491fc0d2c371%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=70484889-ebba-4b5c-9c7f-1555ae41aa31&ttd_puid=a7f353b7-4fc7-4dc6-8773-491fc0d2c371%2C%2C

Request Chain 234

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3656611185477979346&newuser=1&referrer_pid=51md42u

Request Chain 235

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=2528948850074157157&bid=2cr76e1&referrer_pid=51md42u

Request Chain 236

https://api.retargetly.com/getuid?p=1625&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6bqoi0v%26referrer_pid%3D51md42u%26uid%3D%25rlid%25 HTTP 302
https://api.retargetly.com/getuid?p=1625&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6bqoi0v%26referrer_pid%3D51md42u%26uid%3D%25rlid%25&_rlid=33f1d8a4-4945-43ce-8906-e50136702404 HTTP 302
https://ps.eyeota.net/match?bid=6bqoi0v&referrer_pid=51md42u&uid=33f1d8a4-4945-43ce-8906-e50136702404

314 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 504-jps-virus-maker.html Show response
www.blackhatrussia.com/ 36 KB
9 KB 837ms
331ms Document
text/html 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 6457c2187b16c9c65af6f4f122f5f7730cb041d0a90b08ce57399db86b5fff83

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 11 Jan 2023 02:11:11 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Tue, 06 Dec 2022 08:58:47 +0300 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding,User-Agent

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 124ms
76ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45f82f27ae9a9bee73235cd59e7f74c140fe7e6543e99f5c6f82e1b680e93e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49356
x-xss-protection: 0
server: cafe
etag: 14399853570352299101
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Jan 2023 02:11:11 GMT

GET
H2 200 jquery.js Show response
www.blackhatrussia.com/engine/classes/js/ 84 KB
29 KB 249ms
247ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/engine/classes/js/jquery.js?v=25
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:11 GMT
content-encoding: br
last-modified: Fri, 23 Feb 2018 02:00:00 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29175
expires: Wed, 18 Jan 2023 02:11:11 GMT

GET
H2 200 jqueryui.js Show response
www.blackhatrussia.com/engine/classes/js/ 94 KB
26 KB 261ms
252ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/engine/classes/js/jqueryui.js?v=25
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 2f0253a9ee6c26c1c960191a7f349ced5600d94d5fe6e7bfc3dcc9125a963e99

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: br
last-modified: Wed, 31 May 2017 01:00:00 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26066
expires: Wed, 18 Jan 2023 02:11:12 GMT

GET
H2 200 dle_js.js Show response
www.blackhatrussia.com/engine/classes/js/ 32 KB
7 KB 266ms
258ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/engine/classes/js/dle_js.js?v=25
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: bdbca38a6436221f0c4c54f15947bb5ffa4f3df0c69d448a9f14869d3b6b6b40

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: br
last-modified: Mon, 10 Sep 2018 14:43:00 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6752
expires: Wed, 18 Jan 2023 02:11:12 GMT

GET
H2 200 masha.js Show response
www.blackhatrussia.com/engine/classes/masha/ 24 KB
7 KB 267ms
259ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/engine/classes/masha/masha.js?v=25
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 2c996f142c6fbb1ed7630b7fd168b3c75097183bb1b2a237567cbad416c85a09

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: br
last-modified: Thu, 28 Dec 2017 08:05:16 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7518
expires: Wed, 18 Jan 2023 02:11:12 GMT

GET
H2 200 font-awesome.css
www.blackhatrussia.com/templates/NewsHub/css/ 39 KB
7 KB 494ms
492ms Stylesheet
text/css 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/css/font-awesome.css
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:11 GMT
content-encoding: br
last-modified: Thu, 28 Dec 2017 17:59:38 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7051
expires: Wed, 18 Jan 2023 02:11:11 GMT

GET
H2 200 bootstrap.min.css
www.blackhatrussia.com/templates/NewsHub/css/ 123 KB
18 KB 496ms
494ms Stylesheet
text/css 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/css/bootstrap.min.css
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 2b46b8b2bf6ea470afbe9d4a2343a3e5d7c37774159decfbf0d475bcaeea7f00

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:11 GMT
content-encoding: br
last-modified: Thu, 28 Dec 2017 17:59:38 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18794
expires: Wed, 18 Jan 2023 02:11:11 GMT

GET
H2 200 main.css
www.blackhatrussia.com/templates/NewsHub/css/ 38 KB
6 KB 496ms
495ms Stylesheet
text/css 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/css/main.css
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 931afd0e47554a61b50d49e2aab0102cf6f47ccda0c913f660c06bf50abacc62

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:11 GMT
content-encoding: br
last-modified: Sun, 23 Oct 2022 13:33:28 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6299
expires: Wed, 18 Jan 2023 02:11:11 GMT

GET
H2 200 engine.css
www.blackhatrussia.com/templates/NewsHub/css/ 58 KB
20 KB 494ms
493ms Stylesheet
text/css 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/css/engine.css
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: d3c42ad0fea264e8eacd4c38c8a87d9a9e2c8c822a2b57431f40cd531a1b7698

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:11 GMT
content-encoding: br
last-modified: Sat, 14 Mar 2020 10:02:54 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20898
expires: Wed, 18 Jan 2023 02:11:11 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 83ms
26ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

279dc4487d3289e26a1937df1038d0cfd2b20bc9a60614505785877f4555ff6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.blackhatrussia.com/
Origin: https://www.blackhatrussia.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 11 Jan 2023 02:11:12 GMT
content-md5: fR3tqR+YhDgXGtsW7AhuPQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 4unlcMukLQ3gKSmuRkjdjB4mr1D2ZLMoXf/pKlIrjGv0+PwnysKDsMdODq/xG5SZFSNC1e4hV9zkYR5bDNyzJQ==
x-fb-trip-id: 2050670934
x-fb-content-md5: e4de3f24ff17df0f2f62a8a406f2c920
cross-origin-opener-policy: same-origin-allow-popups
etag: "67b8f513b0a9cc3880f938079bd0fc86"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 11 Jan 2023 02:28:42 GMT

GET
H2 200 logo.png
i.postimg.cc/g0mV3XLg/ 19 KB
19 KB 106ms
37ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/g0mV3XLg/logo.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0587f0dd4df7fdddf5d4c8187c0e4e21477d031f6742c13aeaea2aa241d246ad

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Tue, 22 Dec 2020 16:06:09 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 19534
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 noavatar.png
www.blackhatrussia.com/templates/NewsHub/dleimages/ 572 B
644 B 264ms
257ms Image
image/png 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blackhatrussia.com/templates/NewsHub/dleimages/noavatar.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: f99a2c60ac365f5cebd3b520372c07dac909708e0fb5f8848a0a967c7fc0b98e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Wed, 27 Dec 2017 19:53:30 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 572
expires: Wed, 18 Jan 2023 02:11:12 GMT

GET
H2 200 Screenshot_1.png
image.ibb.co/fdkQmJ/ 58 KB
59 KB 154ms
57ms Image
image/png 104.243.38.177
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ibb.co/fdkQmJ/Screenshot_1.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.177 Oxford, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: disuanqi.dadongeng.cn
Software: nginx /
Resource Hash: c8fd6ea126d2748adeb15a421ef1df9144a3c65b4b4de51941d451eb890288da

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Wed, 16 May 2018 02:41:49 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 59739
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 97ms
51ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3926942378526699

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b8024b208e65bd2ca597e670663ab72adcf54d490cd7c25017e08766c421f4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Origin: https://www.blackhatrussia.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49217
x-xss-protection: 0
server: cafe
etag: 1518584295477286089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Jan 2023 02:11:12 GMT

GET
H2 200 Screenshot-2.png
i.postimg.cc/G2k5yWCd/ 56 KB
56 KB 106ms
39ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/G2k5yWCd/Screenshot-2.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 296247758cd17ebfe15df00e4985186a0582ff9bd6ad822a23f313b7e4643ea1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Tue, 28 Apr 2020 20:51:54 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 57274
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screenshot-1.png
i.ibb.co/47cSvkR/ 124 KB
125 KB 99ms
39ms Image
image/png 104.243.38.177
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/47cSvkR/Screenshot-1.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.177 Oxford, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: disuanqi.dadongeng.cn
Software: nginx /
Resource Hash: 9e9b285b5e45a18e857a34c701dd7dd6786bce395a6b5012f704c850f2656e58

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Fri, 05 Apr 2019 07:55:59 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 127229
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screenshot-3.png
i.ibb.co/zfcdJMr/ 33 KB
33 KB 456ms
396ms Image
image/png 104.243.38.177
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zfcdJMr/Screenshot-3.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.177 Oxford, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: disuanqi.dadongeng.cn
Software: nginx /
Resource Hash: 878a805646818652aad49b5079fefedfbb8c3eda3fc9f3fb33b6d0930a193d3d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Tue, 02 Apr 2019 05:09:20 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33970
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screenshot-3.png
i.postimg.cc/6pjwzJB7/ 484 KB
485 KB 105ms
38ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/6pjwzJB7/Screenshot-3.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a1f85ce69c4f8f6486cafc213676862b1915da98624a570076fefaff5ed8b61

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Sun, 08 Jan 2023 02:03:17 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 495895
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 download.jpg
i.postimg.cc/CxzM3LPC/ 164 KB
164 KB 106ms
39ms Image
image/jpeg 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/CxzM3LPC/download.jpg
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: d5f217f130aa1998f0793687d6f322e2d94564df55fce37c32a52970711fa65d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Sat, 07 Jan 2023 08:48:51 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 167900
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screenshot-4.png
i.postimg.cc/DZf1dhZW/ 579 KB
579 KB 105ms
38ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/DZf1dhZW/Screenshot-4.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: dc34de445ba8832cab0364fbe8b5e8c3ea3125d6ee3cc49d7709c00b90ad0d39

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Sat, 07 Jan 2023 07:17:07 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 592386
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screenshot-2.png
i.postimg.cc/Dykt2pYW/ 346 KB
347 KB 82ms
81ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/Dykt2pYW/Screenshot-2.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a15880567b866aed84bd0648fdf61b4160504cc87d40b006fa7e49e3a871abe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Sat, 07 Jan 2023 04:33:23 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 354255
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screenshot-1.png
i.postimg.cc/VN9fkFGW/ 311 KB
312 KB 82ms
81ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/VN9fkFGW/Screenshot-1.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b0c1d0df4edb116f07c971d25d11314668f6d55942bbaff75317e92cafdabc9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Thu, 05 Jan 2023 19:08:24 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 318476
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Untitled-1.png
i.ibb.co/hcC5qzR/ 208 KB
209 KB 69ms
68ms Image
image/png 104.243.38.177
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/hcC5qzR/Untitled-1.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.177 Oxford, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: disuanqi.dadongeng.cn
Software: nginx /
Resource Hash: cf3043323861959644571a483d5b303586e5b7d769dbd270ade27d5460fd7514

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Tue, 22 Jan 2019 11:58:15 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 213209
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 41-CQThq-KMSL.jpg
i.postimg.cc/66kyLQ37/ 28 KB
28 KB 82ms
81ms Image
image/jpeg 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/66kyLQ37/41-CQThq-KMSL.jpg
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: f782439ae42a116ca564bdc2db6c84e3210245431053efb3661fb8c743efabe4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Tue, 23 Feb 2021 20:43:07 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 28270
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Spy-Note-Cracked-v-Za-Bwy-KYnn.png
i.postimg.cc/y8fpbG7L/ 28 KB
28 KB 82ms
81ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/y8fpbG7L/Spy-Note-Cracked-v-Za-Bwy-KYnn.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9077c27ebbf4f8068bed10a29d7a83fa429556c51c8822621a83092b6f07e788

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Sun, 28 Apr 2019 23:25:07 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 28824
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Untitled.png
i.ibb.co/vYkqLvq/ 175 KB
176 KB 69ms
68ms Image
image/png 104.243.38.177
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/vYkqLvq/Untitled.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.177 Oxford, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: disuanqi.dadongeng.cn
Software: nginx /
Resource Hash: 4f191b29b5a82acb4699caaf1626cc8a32aebb336ba7e36e722760092424d8dd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Thu, 18 Apr 2019 20:24:04 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 179686
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screenshot-2.png
i.postimg.cc/MT0dMcXZ/ 169 KB
169 KB 83ms
82ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/MT0dMcXZ/Screenshot-2.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d25c62b881f7877c0f90f76bc5c14f8dcec37bd70861cd8c7365fde3a34e858

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Fri, 12 Apr 2019 19:18:45 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 172614
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1432516568-43227fd0d6d3.png
image.ibb.co/i6hj3V/ 64 KB
64 KB 69ms
57ms Image
image/png 104.243.38.177
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ibb.co/i6hj3V/1432516568-43227fd0d6d3.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.177 Oxford, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: disuanqi.dadongeng.cn
Software: nginx /
Resource Hash: 968a67e4175b747bc7ce09cf87bf6fd5a75bb895e0885ed6bfd19be70a8f1d73

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Wed, 07 Nov 2018 03:52:34 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 65036
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iwZgykd.png
i.imgur.com/ 39 KB
39 KB 90ms
26ms Image
image/png 146.75.36.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/iwZgykd.png

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

fbf5f721136787516b7fc3e956e42a3641ca2c9c5b7bde64b75a9cdaeba6099f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 962763
x-cache: HIT
content-length: 39712
x-served-by: cache-iad-kcgs7200049-IAD
last-modified: Tue, 10 May 2016 05:26:11 GMT
server: cat factory 1.0
x-timer: S1673403073.526538,VS0,VE3
etag: "86d0870d3aa15cd7efd298d1d8f942f7"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 Screenshot_9.png
image.ibb.co/hW1wtd/ 21 KB
21 KB 89ms
87ms Image
image/png 104.243.38.177
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ibb.co/hW1wtd/Screenshot_9.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.177 Oxford, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: disuanqi.dadongeng.cn
Software: nginx /
Resource Hash: bbb07817cb41eed7ebcefd43d61c943fd5faa9a8d3aab0f04ae71078cd340496

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Fri, 20 Jul 2018 18:06:28 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 20992
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 screenshot-8.png
i.postimg.cc/kMfdCFN9/ 12 KB
12 KB 38ms
37ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/kMfdCFN9/screenshot-8.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: ae7ec2d7b6b5b9a8a0d4f2c0db037b2ca73e0c5172aec3b2248dd31ac2e02d24

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Wed, 29 Dec 2021 04:43:01 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 12029
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screenshot-1.png
i.postimg.cc/0Q04dLFv/ 237 KB
237 KB 38ms
37ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/0Q04dLFv/Screenshot-1.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: f9a15758712d4b4383b841aa761336c78c066e69f96dcabc452f7c740b972a49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
last-modified: Mon, 15 Nov 2021 13:37:14 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 242525
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d.js Show response
waust.at/ 14 KB
7 KB 90ms
33ms Script
application/x-javascript 2606:4700:20::681a:407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Jan 2023 20:16:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1736
etag: W/"63bc7615-3972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJgTZvib1h0wkwFKc3os2mKjSyMZuwaxN9RIQV66HYfOVBWXgKDSGj9JKev%2FwAOgk2Z1AdYY%2BqJ7tGUajYSjEKHRQJ%2FvBskc4pgCYk%2Fl6R%2BNieB5Obpy4sk84FTccBLgg%2B2%2FbyCp"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 787a1ed3e8ec17ed-EWR
expires: Thu, 12 Jan 2023 01:42:16 GMT

GET
H2 200 live.js Show response
cdn.livetrafficfeed.com/static/v4/ 48 KB
18 KB 736ms
240ms Script
application/javascript 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livetrafficfeed.com/static/v4/live.js
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: 79a558856447a11241f7dc84b91cf5503eb748367324b74fd8a37d7d270ac08a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:45 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 22:01:13 GMT
server: Nginx
etag: W/"63bde029-beab"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
expires: Fri, 10 Feb 2023 01:46:45 GMT

GET
H2 200 bootstrap.js Show response
www.blackhatrussia.com/templates/NewsHub/js/ 70 KB
13 KB 266ms
256ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/js/bootstrap.js
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 8c34c37291ee6d38191ac0a84ef1aedde856af334a96245759d0482912edb067

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: br
last-modified: Thu, 28 Dec 2017 17:59:32 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13672
expires: Wed, 18 Jan 2023 02:11:12 GMT

GET
H2 200 owl.carousel.min.js Show response
www.blackhatrussia.com/templates/NewsHub/js/ 39 KB
10 KB 262ms
253ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/js/owl.carousel.min.js
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: e04e2b4e27ae9881b1e161954cc00ba16c8c3a0ce73a179824756353efd6c481

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: br
last-modified: Thu, 28 Dec 2017 17:59:32 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10325
expires: Wed, 18 Jan 2023 02:11:12 GMT

GET
H2 200 main.js Show response
www.blackhatrussia.com/templates/NewsHub/js/ 3 KB
782 B 258ms
249ms Script
application/javascript 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/js/main.js
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 4c444545c886a942c71cda6fac3897448c6c6509593ab8a4792856ea2818aef2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: br
last-modified: Thu, 21 Mar 2019 17:45:42 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 680
expires: Wed, 18 Jan 2023 02:11:12 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/ 356 KB
117 KB 59ms
56ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71bc4cd2d6567eb94df35e68918e17e56ce1814dd5855916da1e3c04a252f273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119968
x-xss-protection: 0
server: cafe
etag: 7041744331548018828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Jan 2023 02:11:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230109/r20190131/ Frame 0719 10 KB
5 KB 69ms
21ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 29429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 18:00:43 GMT
etag: 10353107486223812946
expires: Tue, 24 Jan 2023 18:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 306 KB
86 KB 50ms
24ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=61feab5620f641145c49bbe0d42ae79b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35262a573730eea21d8065f9a033ec10aa1291bc20c24b73f7daed2131149f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.blackhatrussia.com/
Origin: https://www.blackhatrussia.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 11 Jan 2023 02:11:12 GMT
content-md5: NX2knLvwmZEzDv6OnljiTg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88413
x-fb-rlafr: 0
x-fb-debug: U4mmPgnnYD5mT/9K6kTGMZMuGy1agjE3fQuA2xluCYbGcefScYdIQVtGrSEyZzF1J0vUx/k/1Lp/s6Qfrw4rGA==
x-fb-content-md5: a6575f5a62debab26c228aeb68b21637
cross-origin-opener-policy: same-origin-allow-popups
etag: "5d6854902862bd74a19de69353bc7b57"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 11 Jan 2024 01:29:25 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
704 B 84ms
35ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.blackhatrussia.com&callback=_gfp_s_&client=ca-pub-3926942378526699&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b616cb4a1bfb84e05290d4d6207756780744db8f3f8acf6cbc0add286033df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 97ms
40ms Script
application/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.blackhatrussia.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 85ms
38ms Script
application/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.blackhatrussia.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1ED4 328 KB
72 KB 1017ms
977ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3926942378526699&output=html&adk=1812271804&adf=3025194257&lmt=1673403072&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673403071977&bpp=340&bdt=180&idt=465&shv=r20230109&mjsv=m202212050103&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3052224095165&frm=20&pv=2&ga_vid=1161304269.1673403072&ga_sid=1673403072&ga_hid=82569676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C44779793&oid=2&pvsid=4465137890185292&tmod=1078062633&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=492

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e256d90249ce85b704f18debe2fc7a2317fe87a9a0f4c73ba7fdae7f38b97063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 73406
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 02:11:13 GMT
expires: Wed, 11 Jan 2023 02:11:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 85ms
36ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:400,700&subset=cyrillic

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/templates/NewsHub/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3da48afbe47fc124def22b7f1998aaf96a0d8d5d5652232fdd545cd550135794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 02:11:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Jan 2023 02:11:12 GMT

GET
H/1.1

200
OK

bundle.js Show response
static.getbutton.io/widget/
Redirect Chain

https://static.getbutton.io/widget-send-button/js/init.js
https://static.getbutton.io/widget/bundle.js

297 KB
92 KB

208ms
208ms

Script
application/javascript

176.9.188.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getbutton.io/widget/bundle.js
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: HTTP/1.1
Server: 176.9.188.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.20.188.9.176.clients.your-server.de
Software: nginx/1.23.1 /
Resource Hash: 3c085334e6b44f6cf23f51bed0eadaca9839f2794bc1ad61923169b2efbfee63

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 07:15:25 GMT
Server: nginx/1.23.1
ETag: W/"63bd108d-4a5cc"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: keep-alive
Expires: Wed, 11 Jan 2023 05:11:13 GMT

Redirect headers

Location: https://static.getbutton.io/widget/bundle.js
Date: Wed, 11 Jan 2023 02:11:12 GMT
Server: nginx/1.23.1
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ 18 KB
18 KB 68ms
20ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.blackhatrussia.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 10:25:27 GMT
x-content-type-options: nosniff
age: 402345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18260
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 10:25:27 GMT

GET
H2 200 fontawesome-webfont.woff2
www.blackhatrussia.com/templates/NewsHub/fonts/ 75 KB
75 KB 547ms
247ms Font
font/woff2 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/templates/NewsHub/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/templates/NewsHub/css/font-awesome.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.blackhatrussia.com/templates/NewsHub/css/font-awesome.css
Origin: https://www.blackhatrussia.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
last-modified: Thu, 22 Dec 2016 14:50:34 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 77160
expires: Wed, 18 Jan 2023 02:11:13 GMT

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 89ms
44ms Script
application/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.blackhatrussia.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 87ms
45ms Script
application/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.blackhatrussia.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9CF 104 KB
34 KB 828ms
827ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1673403072&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673403072652&bpp=25&bdt=854&idt=25&shv=r20230109&mjsv=m202212050103&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3052224095165&frm=20&pv=1&ga_vid=1161304269.1673403072&ga_sid=1673403072&ga_hid=82569676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C44779793&oid=2&pvsid=4465137890185292&tmod=1078062633&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WX3HnsOTrI&p=https%3A//www.blackhatrussia.com&dtd=33

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52a1ce24fad08cd8b6e8dc4965500968b038f52cf541a03a34cfc3cc31b02c80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34674
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 02:11:13 GMT
expires: Wed, 11 Jan 2023 02:11:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET pluso-like.js
share.pluso.ru/ 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F7E2 75 KB
22 KB 645ms
644ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1673403072&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673403072729&bpp=9&bdt=931&idt=9&shv=r20230109&mjsv=m202212050103&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=3052224095165&frm=20&pv=1&ga_vid=1161304269.1673403072&ga_sid=1673403072&ga_hid=82569676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C44779793&oid=2&pvsid=4465137890185292&tmod=1078062633&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=peTvaq37YE&p=https%3A//www.blackhatrussia.com&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e105bb9ebbf3f8bf7ade2a542de214bd3c2ff0063a1ff420c4e02ae2bce467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 22880
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 02:11:13 GMT
expires: Wed, 11 Jan 2023 02:11:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
t.dtscout.com/i/ 8 KB
4 KB 103ms
47ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&j=
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0802724f132e8f7749d4ba1f62c56c5dc20751e609d0d8b4388f92c9080e46c5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
x-t: 0.62
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YT8hGvvMT4EkvgRraK5e%2Ffx%2Fck8NfxkCMYtmsatPinq5ixfd4Z87AwRwXkyBX6Tq99lbbx5mx8NK1aO9pUEVYKR3lpfVChDN9C%2FeDgbbV9LSjM1H%2BLVLAfo8MOLw6S3iA3oAI8gDbVxQFe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 787a1ed59cd5c45c-EWR
expires: Wed, 11 Jan 2023 02:11:11 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame BB6A 1 KB
734 B 46ms
45ms Document
text/html 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=104016734030727C3CB4B241B197F171
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698bba7b1bfbfb7328aca6068c65d12d9c226de02ad0968aec817b29ec2902da

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 787a1ed5edacc45c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 11 Jan 2023 02:11:12 GMT
expires: Wed, 11 Jan 2023 02:11:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Eeb%2BdtcknjM72MmceIua7PXAwFIvr3CHF5G1g4AGz1f2rgNBSKvGaUWPQhi9Quwbp1tluqRyjzsEU5s%2BWLH2n7vA6C6LjBdqn6TS%2BMQqFv4rw4OetkeGVxo7QEAnkM6pvO5Jd4ZMR5tprM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 106ms
30ms Script
text/javascript 13.32.164.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.164.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-164-88.ord58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 17:14:14 GMT
content-encoding: gzip
via: 1.1 0835ebd52ef8594cd8aa4dac9cfbd9a8.cloudfront.net (CloudFront)
x-amz-version-id: ePoTNcv0DaSHt0vz0AKUJEI0tBAExaJ3
last-modified: Thu, 25 Aug 2022 14:07:06 GMT
server: AmazonS3
x-amz-cf-pop: ORD58-P1
age: 32220
etag: W/"c722c8e06c3a9be75b009576c49f7792"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 6f1cAtmzfHd9kVY_gqmucCl5PTYkurn5L9nf6VF1OrHNNw4Jv_u56w==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 156ms
36ms Script
application/javascript 18.220.3.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.220.3.90 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-220-3-90.us-east-2.compute.amazonaws.com

Software

Resource Hash

aadc5fcd61829a409715ec0e59028fd50a24b2685a9a51a7db9f0dace6be97a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:13 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2273
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
340 B 51ms
51ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=blackhatrussia.com&_ss=5xqt5a5ly1&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=1px7&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01bdd97a69283e5ae6d25f2860315323371c9303354b4dc3f319208de461c407

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
x-t: 0.155
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgdHC3rXeQsbQxboN5DhQoPsQS83AW4%2FzE0i9i99pGvXUrDzTSA6FbH6TK1nF%2FPir9JJE4xiLIr7Op2ORbZn749xRhp2G5X1NM5FqDn08j9dpP322s3oAE%2FcW6aFlE68QuSEQNpetq3rMFA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 787a1ed5edb0c45c-EWR
expires: Wed, 11 Jan 2023 02:11:11 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 52 KB
16 KB 69ms
22ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6691c17050e97fa3a70eb75b6da5d601b461af4d26b954f87dcddbf354f61eda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 07:10:22 GMT
content-encoding: gzip
via: 1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 18:30:29 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 68452
x-amz-server-side-encryption: AES256
etag: W/"d92273856cbc8d3aad0c2259f9be9a68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: 9_JwyMDmsNzJRkVdJ83gynXOEcrmQ92xbh_Lz4db9R6hKYcqVMbUEQ==

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
604 B 141ms
83ms Script
application/javascript 2606:4700:20::ac43:4aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=104016734030727C3CB4B241B197F171&nid=0&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&r=
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
x-t: 5.78
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGAaHIpq0TA7jowhSUPf5JZOZSqZE9VGjLl0BOIDPmmzi%2Bujp2yG6jBY%2FGBHbIllyjJ9G43GDEAtniMSBagpFbMT9SWJA6o9h%2FwjzYHyWEE%2FXyo4A2jqiAR3Jyu%2B7ZF%2BTKC0dvoHumWd5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 787a1ed6b934c40e-EWR
expires: Wed, 11 Jan 2023 02:16:13 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
594 B 110ms
56ms XHR
application/json 2606:4700:e0::ac40:6a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=104016734030727C3CB4B241B197F171
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f349b0fb431d03e459f2d5a45fae95e1961ae71976a01838cd30f3bf04f9ca0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: cache
date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4SkxAoHlZOv08Fxhq4A1jAibeGgwzlIeVY0NTCnQD%2FmGsi8XmBH%2BCplAIuO2Cldagc8bPWD8CFjFSrHIF4glsOlmM4yDNYH%2Fjf67eQpxKhiaI4ZnxleBjHjB4w2OxirzsY5%2ByrYuu1De4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.blackhatrussia.com
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 787a1ed6a8821801-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 2023 04:11:13 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=104016734030727C3CB4B241B197F171
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=70484889-ebba-4b5c-9c7f-1555ae41aa31&icm&gdpr=0&gdpr_consent=&cver
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=25f874b7f2b4a1e8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=25f874b7f2b4a1e8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=2098dff33ee36f692f526484e827eb51&gdpr=0
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d479322af39ca51391d4d2e31a691bcc&gdpr=0
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
https://pixel.onaudience.com/?partner=252&mapped=y-7jb9vOVE2pQwwuDxvCV7vE71N5QToQx2vA--~A&gdpr=0
https://spl.zeotap.com/?zdid=1332&zcluid=25f874b7f2b4a1e8
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d4692cd3-2dad-4029-411c-5e55e5a61af0&reqId=259fe932-2151-4af3-4880-ca1865bc37ae&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEHkdqdEZcN7lzNm7o8OFPWk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d4692cd3-2dad-4029-411c-5e55e5a61af0&reqId=259fe932-2151-4af3-4880-ca1...

95 B
152 B

114ms
114ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEHkdqdEZcN7lzNm7o8OFPWk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d4692cd3-2dad-4029-411c-5e55e5a61af0&reqId=259fe932-2151-4af3-4880-ca1865bc37ae&zcluid=25f874b7f2b4a1e8&zdid=1332
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://www.blackhatrussia.com
access-control-allow-credentials: true
cf-ray: 787a1ee5deacc436-EWR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEHkdqdEZcN7lzNm7o8OFPWk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d4692cd3-2dad-4029-411c-5e55e5a61af0&reqId=259fe932-2151-4af3-4880-ca1865bc37ae&zcluid=25f874b7f2b4a1e8&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
951 B 73ms
29ms Fetch
application/json 13.225.223.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-33.jfk51.r.cloudfront.net
Software: /
Resource Hash: 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 12:04:05 GMT
via: 1.1 e1fcfcab7d719cee2446e5bb755eb260.cloudfront.net (CloudFront), 1.1 6fcb3966d0deb6baf3867f346443cb9a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, JFK51-C1
age: 50828
x-amzn-requestid: 005ea5c6-c209-4e46-8d68-f74fa0849d37
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: ehoYbFaLCYcFcRQ=
content-length: 535
x-amz-cf-id: MA4AtHdkhKXvgxsNiMAixwkyg1ijrYXCX5ChPmNCgvRTUU5IkpNo0g==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 109ms
28ms Script
application/javascript 104.64.213.153
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.2873463022512126&stid=ZHgACGO%2BGsEAAAAIJhgRAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.213.153 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-213-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

fff97bb5f388660cf4e6e81941a2268183151db6560b5cba459b352b77680543

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1360
Expires: Wed, 11 Jan 2023 03:11:13 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 35ms
35ms Image
image/gif 18.220.3.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&event_source=dtscout&rnd=0.2873463022512126&exptid=ZHgACGO%2BGsEAAAAIJhgRAw%3D%3D&fcmp=false

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.220.3.90 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-220-3-90.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:13 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 5919 2 KB
1 KB 23ms
22ms Document
text/html 104.64.213.153
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1109.23349&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.2873463022512126&stid=ZHgACGO%2BGsEAAAAIJhgRAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.213.153 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-213-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Wed, 11 Jan 2023 02:11:13 GMT
Expires: Wed, 18 Jan 2023 02:11:13 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1109.23349/a/CA/ Frame 00D0 20 KB
9 KB 32ms
32ms Script
text/javascript 104.64.213.153
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1109.23349/a/CA/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1109.23349&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.213.153 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-213-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1109.23349&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:13 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8748
Expires: Wed, 18 Jan 2023 02:11:13 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 6 KB
2 KB 157ms
28ms Script
text/javascript 18.160.225.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.225.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-225-62.ord58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78009d649db9f062dc6e568dd4f35e634440b36534d063f788f465af1f3397d9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: qV9NCsYZSqBrcH4UHbD8Pmp65zU2fPAA
content-encoding: gzip
via: 1.1 6dfbdbb536476295b00dcf3a83fdf9fc.cloudfront.net (CloudFront)
date: Wed, 11 Jan 2023 02:04:37 GMT
last-modified: Thu, 25 Aug 2022 05:23:07 GMT
server: AmazonS3
x-amz-cf-pop: ORD58-P4
age: 397
etag: W/"c0cf56fa6d8f9665d6e8f16542e3ba9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: qn5RcWU60yAU3fvitAdex1mMN5RvsVUGUAUecpUdCFqv4ToIZEuWWg==

GET
H2 200 marker.png
www.blackhatrussia.com/templates/NewsHub/dleimages/ 1 KB
1 KB 553ms
252ms Image
image/png 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blackhatrussia.com/templates/NewsHub/dleimages/marker.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/templates/NewsHub/css/engine.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: f4d00d2b1105c2e78c8ce501c375b86d495e86d5451ea08b439ad0b9270d3ab8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/templates/NewsHub/css/engine.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
last-modified: Thu, 07 Sep 2017 22:23:28 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1050
expires: Wed, 18 Jan 2023 02:11:13 GMT

GET
H2 200 page.php Show response
www.facebook.com/v14.0/plugins/ Frame 6693 49 KB
18 KB 144ms
90ms Document
text/html 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a4ce917457448%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=61feab5620f641145c49bbe0d42ae79b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

524fc915502b482604dba0137ef9d46ff83b88ca0816b5991227676a0c725f54

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 11 Jan 2023 02:11:13 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: yMuwnOM2bRwvF1zXhUSdsJD8snfad3OYMNjNfzFAJyPZI828l3mXF9mrnnMVQz+7rBzGq3kVWA5wuABdvJuZww==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 page.php Show response
www.facebook.com/v14.0/plugins/ Frame D7E0 49 KB
15 KB 158ms
115ms Document
text/html 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=61feab5620f641145c49bbe0d42ae79b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23b758bb167611d78b15c93e8fc82b536777689aa548609f7c4878fc62a87d5d

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 11 Jan 2023 02:11:13 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: eouRMC/ti0qpdL+OkHtFVVQmjfa0U42TxVuo5ByMVKcrF0QaKuGx4VUfAjtwQHuXEyox2Vx4ZBMNtwYz+4yH9Q==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 / Show response
whos.amung.us/pingjs/ 28 B
182 B 128ms
54ms Script
text/javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=2jl8c6alqn&t=JPS%20Virus%20Maker%20%C2%BB%20learn%20all%20kind%20of%20hacking&c=d&x=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&y=&a=0&v=27&r=3564
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e9c240716aa7e55a6d14ed5d1a25d6197318667272e094f3953ae0a68b9c84

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 787a1ed90c261825-EWR
content-type: text/javascript;charset=UTF-8

GET
H2 200 jquery.js Show response
livetrafficfeed.com/static/v5/ 2 KB
1 KB 1172ms
648ms Script
application/javascript 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://livetrafficfeed.com/static/v5/jquery.js?ranid=PjQBoCDpYSmD7SUrVS4OIWpk5c7FvA3911wFo34reC5v4a7yRM&cookie_id=&link=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&clientwidth=1600&clientheight=1200&num=10&title=JPS%20Virus%20Maker%20%C2%BB%20learn%20all%20kind%20of%20hacking&referrer=&timezone=America%2FNew_York&root=0

Requested by

Host: cdn.livetrafficfeed.com
URL: https://cdn.livetrafficfeed.com/static/v4/live.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.99.46.91 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

91.ip-139-99-46.eu

Software

Nginx /

Resource Hash

61c5979cbaac3c6fbccb70a47704f3b362e1e5136065d778a6fb0772a6627268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 01:46:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: Nginx
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame D864 438 B
675 B 36ms
36ms Script
application/javascript 18.220.3.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1109.23349&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.220.3.90 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-220-3-90.us-east-2.compute.amazonaws.com

Software

Resource Hash

bfa8ea15943e4e7b24da7ab58863a69525f610574d004fcafe3a3a786f21d33a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:13 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 00D0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=4003f191-439d-4127-b5cf-a958120b9405&gdpr=0&gdpr_consent=

42 B
297 B

154ms
35ms

Image
image/gif

3.135.147.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=4003f191-439d-4127-b5cf-a958120b9405&gdpr=0&gdpr_consent=

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

HTTP/1.1

Server

3.135.147.228 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-147-228.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:13 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHgACGO+GsEAAAAIJhgRAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=4003f191-439d-4127-b5cf-a958120b9405&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 215

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame 00D0
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=d479322af39ca51391d4d2e31a691bcc

42 B
297 B

42ms
42ms

Image
image/gif

3.135.147.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=d479322af39ca51391d4d2e31a691bcc

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

HTTP/1.1

Server

3.135.147.228 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-147-228.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:13 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHgACGO+GsEAAAAIJhgRAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

date: Wed, 11 Jan 2023 02:11:13 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=d479322af39ca51391d4d2e31a691bcc
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 00D0
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2F6w9UnJs0I2nUIltgcqIX9vU8WFAFfGOQv3R_3tmOEQ&gdpr=0&gdpr_consent=

42 B
297 B

120ms
38ms

Image
image/gif

3.135.147.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2F6w9UnJs0I2nUIltgcqIX9vU8WFAFfGOQv3R_3tmOEQ&gdpr=0&gdpr_consent=

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

HTTP/1.1

Server

3.135.147.228 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-147-228.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:13 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHgACGO+GsEAAAAIJhgRAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2F6w9UnJs0I2nUIltgcqIX9vU8WFAFfGOQv3R_3tmOEQ&gdpr=0&gdpr_consent=
Date: Wed, 11 Jan 2023 02:11:13 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H3

200

csync.ashx
ml314.com/ Frame 00D0
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHgACGO%2BGsEAAAAIJhgRAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3632800557477920817
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMjgwMDU1NzQ3NzkyMDgxNxAAGg0IwbX4nQYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=773797b9459d95db5ea9d6ae13404212f10d8c50361c5b6fea974b731cd46d44f4cb09cee1a4f8eb&person_id=3632800557477920817&eid=50082

43 B
60 B

92ms
56ms

Image
image/gif

34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=773797b9459d95db5ea9d6ae13404212f10d8c50361c5b6fea974b731cd46d44f4cb09cee1a4f8eb&person_id=3632800557477920817&eid=50082
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:12 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Wed, 11 Jan 2023 21:11:13 GMT

Redirect headers

date: Wed, 11 Jan 2023 02:11:13 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=773797b9459d95db5ea9d6ae13404212f10d8c50361c5b6fea974b731cd46d44f4cb09cee1a4f8eb&person_id=3632800557477920817&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame 00D0
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZHgACGO%2BGsEAAAAIJhgRAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

70ms
36ms

Image
image/gif

3.135.147.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

HTTP/1.1

Server

3.135.147.228 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-147-228.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:13 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHgACGO+GsEAAAAIJhgRAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Wed, 11 Jan 2023 02:11:13 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H3 200 css
fonts.googleapis.com/ Frame F7E2 3 KB
601 B 79ms
37ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1673403072&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673403072729&bpp=9&bdt=931&idt=9&shv=r20230109&mjsv=m202212050103&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=3052224095165&frm=20&pv=1&ga_vid=1161304269.1673403072&ga_sid=1673403072&ga_hid=82569676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C44779793&oid=2&pvsid=4465137890185292&tmod=1078062633&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=peTvaq37YE&p=https%3A//www.blackhatrussia.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 02:03:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Jan 2023 02:11:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame F7E2 2 KB
818 B 74ms
25ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame F7E2 22 KB
9 KB 68ms
19ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame F7E2 3 KB
1 KB 62ms
26ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame F7E2 18 KB
7 KB 71ms
22ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F7E2 156 KB
48 KB 145ms
95ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48956
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673267917225388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 11 Jan 2023 02:11:13 GMT

GET
H2 200 1507d5c23d710c2e70b81f354fbf7065.js Show response
www.gstatic.com/mysidia/ Frame F7E2 33 KB
14 KB 75ms
19ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:26:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 18:00:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F7E2 0
0 45ms
44ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CccBtwBq-Y-zKMqyR78EPtIiIkAvoitOKbo267N25CZzV1c-MDhABIJ2VnyZg_eiigfADoAGBluj-A8gBBqgDAcgDAqoE_gFP0Kk9Rfk5m40TFAcQ5HrZV0p7wBAbimIK841o__-Plr15I1YkGjsF-rGvcESF2wJqB_e1WLgiyswTEWZ1czU8nRwvicfIXwuHMZEJmvS_N4OGAxVqZZSDvSQvB1HFmr1zWOQKOVKUfdOOnHxlxeuaGJWswmbyY97oZEvY8z1xHEdzJN1OE5tPkkQTZdxZRpSKAOWAmTBBRRNX2Ty9_3Axd4ZSSWcflq9KhZ_8wbMRLfG8ExT1oMbmicDksytQRY1SjBRK6dSkBdzxpWfgzqKlJhSJ_assq1OixI0ac5CJxyfJUEcJwUSqL1a8QB4z_-l_D_SMcUsm5FjfJ4iBAsAErpr72okBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB-fplwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQ3bcY0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMMiBQK0BUBgBcBshccChoIABIUcHViLTM5MjY5NDIzNzg1MjY2OTkYAA&sigh=3MTmMQjRaD0&uach_m=[UACH]&cid=CAQSGwDq26N90flkcBg6Yy68DJaKvQF7MyNz2ZpzexgBIBM&template_id=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3926942378526699&output=html&h=600&slotname=9994309869&adk=2449921201&adf=522032239&pi=t.ma~as.9994309869&w=300&lmt=1673403072&format=300x600&url=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673403072729&bpp=9&bdt=931&idt=9&shv=r20230109&mjsv=m202212050103&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=3052224095165&frm=20&pv=1&ga_vid=1161304269.1673403072&ga_sid=1673403072&ga_hid=82569676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C44779793&oid=2&pvsid=4465137890185292&tmod=1078062633&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=peTvaq37YE&p=https%3A//www.blackhatrussia.com&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 11 Jan 2023 02:11:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 11 Jan 2023 02:11:13 GMT

GET
H3

200

6577506610223554973
tpc.googlesyndication.com/simgad/ Frame F7E2
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr8fX2TxDeAhjeAjIIQDue9aoigZ8
https://tpc.googlesyndication.com/simgad/6577506610223554973

23 KB
23 KB

64ms
20ms

Image
image/png

2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6577506610223554973

Requested by

Protocol

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f7ce70d37f721facab49d8c60c3101a19bfeb04c13248610b7b7e0c4cc1e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 08:19:03 GMT
x-content-type-options: nosniff
age: 496330
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23274
x-xss-protection: 0
last-modified: Thu, 28 Feb 2019 11:48:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jan 2024 08:19:03 GMT

Redirect headers

date: Tue, 10 Jan 2023 05:26:28 GMT
x-content-type-options: nosniff
server: cafe
age: 74685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6577506610223554973
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Feb 2023 05:26:28 GMT

GET
H2 200 1735693275594153158_16608232863811718906.jpeg
static.doubleclick.net/dynamic/5/202181353/ Frame F7E2 3 KB
4 KB 72ms
20ms Image
image/jpeg 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/202181353/1735693275594153158_16608232863811718906.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8e226c0eee98736ce4bcdce5e6ec8583307dadbe2f1c148aef9ba0030f48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 23:34:19 GMT
x-content-type-options: nosniff
age: 9414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3190
x-xss-protection: 0
last-modified: Sun, 25 Apr 2021 13:55:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 23:34:19 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame D864 51 KB
16 KB 152ms
45ms Script
application/javascript 104.71.223.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.71.223.212 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-223-212.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 11 Jan 2023 02:11:13 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Wed, 18 Jan 2023 02:11:13 GMT

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
470 B

30ms
29ms

Fetch
application/json

63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: HTTP/1.1
Server: 63.251.86.50 Woodbridge, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 4edc254f31f2ee5e3168241fe3326c6fd09b27494ef8203da7bdb3a412753cc0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.blackhatrussia.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Wed, 11 Jan 2023 02:11:13 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin: https://www.blackhatrussia.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 101ms
34ms Script
application/javascript 104.18.36.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dab070ee75ce06cf5e8bb6ab989f0130e40f216a1a717d6a0538a57f5143fec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 20:39:00 GMT
server: cloudflare
age: 19910
etag: W/"63bdcce4-4571"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 787a1ed9ce6da1ec-YYZ
expires: Sat, 14 Jan 2023 02:11:13 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 qUpT11mm0GW.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 6693 19 KB
5 KB 104ms
56ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/qUpT11mm0GW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a4ce917457448%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1caaefb8c930c268f67d6fe8949d4814bbf7084b473145418f219dd148f2600

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 98XfbS2dkMoGdCC5MtwwMQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4995
x-fb-rlafr: 0
x-fb-debug: wg6xQBJa8A1h3qXUnA5qxjZg9MLqRp8YOWuG5+aaBaSOSBl6xGXV5pj5dUGGZtMqFNSwUxmUvtSMQNXTenhNjA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Jan 2024 17:07:42 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 6693 2 KB
1 KB 69ms
21ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: GVkC7SloHLCZJPbAHLxTi19nUbgupK32J7kmL4uXAypMdCnrBYsyMdr1Ej7pIFMLEVrU5f+bDEC9qAvO0up0rA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 03 Jan 2024 21:16:08 GMT

GET
H2 200 wtmvR9r7LW5.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 6693 305 KB
81 KB 71ms
23ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1dbd5e9b983ca4093726df38adf8c99cc5d63848302473b1f0d46a7b372b552

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QAErsU2+TlN97nYjIWxN7Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 82796
x-fb-rlafr: 0
x-fb-debug: mzfaSxji4bthnGV2G/ivRIs04fpTj60sc0STlC7/krPngwt1TNmyYAy6yBURf5TXmmtgWElWXltKO6nl7A/uhA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 06 Jan 2024 02:33:22 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 6693 5 KB
2 KB 117ms
69ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: koakLGY1v5R2GWTxsSnA3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1615
x-fb-rlafr: 0
x-fb-debug: iVEVfe7zWACsqan8EnLJoCmTZwvwPbZzfJmCvcP37ADvOKSGNBfygf0fNHuQS8jylWFOYTHbl/25kyfNPLcSWw==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Jan 2024 19:40:52 GMT

GET
H2 200 8LoDHCcRMmF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 6693 38 KB
12 KB 114ms
67ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GtFa/ANPMQQnyBsHWWA6Kw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12334
x-fb-rlafr: 0
x-fb-debug: Cd8xaBrPP1GOlf+tBYZh2HkY3EjVbVKJFficUV9p0CuAuFrtpGbWMzR01DAfZgQ1GKdD8GYu+UAuDDn5cY8hbg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Jan 2024 19:40:56 GMT

GET
H2 200 bPhRbIw5d4Y.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ Frame 6693 51 KB
16 KB 110ms
63ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc07d382f00a25c7cab4993b3675027b7ba9fdf978474e9611aadde6383d9a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yS75TjCi3ZRz/Z/lM0crcw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16232
x-fb-rlafr: 0
x-fb-debug: RUnJ5HXxW1AmPxlYrO43aIqSGWMzzwvFcxceupUL6Sx/N1XuHYqc7H/AlDnA8jn1A+C+1IzAbGs4MMRf7u1feQ==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 06 Jan 2024 15:19:21 GMT

GET
H2 200 0cKQbVrk19s.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 6693 18 KB
6 KB 114ms
67ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/0cKQbVrk19s.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42319f941cd9da4e2937e856dbb573f3fa9fb05e6784a5fb3761f7b8c91ac724

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q8AcXLnh9lqBhL0/oorl3w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6166
x-fb-rlafr: 0
x-fb-debug: 6v5sd468isijeZgdU7HgeLsSLkqsSZh81j8EG8U/KMSUuY6pSJwkcG8DMZ6+kPdcdAgn4x4ZkRe39cvtV4rGkA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Jan 2024 23:15:02 GMT

GET
H2 200 KkdHmYcefNy.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame 6693 16 KB
5 KB 113ms
66ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/KkdHmYcefNy.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5e107adab2efe0c166036d3f58c31bcd33bf108eb163dbc25546e1887b77bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9NrNOq2CMXCT9F3wU3oIkg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5352
x-fb-rlafr: 0
x-fb-debug: hbDknFC/Mmtlsf5O6UElDM3KLOYBMs0UMWBPM6kh0g+OKLC7fMCl0waF1qk3o5Le3wT2oa2CDz2pk0+4WlAoLA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Jan 2024 17:07:42 GMT

GET
H2 200 PlsnJC666Fj.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame 6693 22 KB
7 KB 110ms
64ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/PlsnJC666Fj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97e2c43cec6a899062fa577fa6ea91618ffdcd2d3d335ad82568fc5357ecee31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hVuam4DUwYYlPrpODRSxjQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6772
x-fb-rlafr: 0
x-fb-debug: QuqavnpsBx2BGMU8HxxOyo75wF53fmoJkYjqOdTbhubnVSrS2/nkbbLlp4tmaZIzodxF7vHTLMhV4mVxBHzo0w==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Jan 2024 19:49:37 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 6693 507 B
440 B 111ms
64ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: ldWwZ7ep38lNx8OehQZ51PMgS0393+2sV75NWCXKoD0yGX3KajaBjHXS/TdbJ3fw5ccuviaDCWPTnK341zwF8Q==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Dec 2023 20:27:03 GMT

GET
H2 200 h-L8FQ7MyJY.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yu/l/en_GB/ Frame 6693 25 KB
7 KB 115ms
69ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yu/l/en_GB/h-L8FQ7MyJY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57e9ad580b54eba7dc56873cf55d1d9f6b26983a46e7f349251e96eb0b24c5b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: s9m754Y5dqpbRuAsd5isyA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7100
x-fb-rlafr: 0
x-fb-debug: o1mS1INdLY+ar387DfEVFDmIbsOBsVbpKr0zpUoJNSGwmBsyrOryq+jRIBKIVltYdfRbOupisQQXMzlh70tk3g==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 04 Jan 2024 23:50:50 GMT

GET
H2 200 ACK0uX4zgFf.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/ Frame 6693 84 KB
23 KB 114ms
68ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e89f0d101d83439e236dc40a620b683911cd40f4622f442934e6462cbf38b94e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EOQeWiCh9jJL/21QjLDCVA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23498
x-fb-rlafr: 0
x-fb-debug: JZTig1K0LJZRmWQApp+sZGF6qndHhKOE2vuVjfOw3rlSCCBY4EAeBbz8l26Gt1kWZBp+qNjku+qXMrgyqk8lhA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 05 Jan 2024 00:34:13 GMT

GET
H2 200 7Nmln25n6YE.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 6693 22 KB
7 KB 111ms
65ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/7Nmln25n6YE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e0085a77923b9e5a13ae8105a8e54337d44464f114e6d9c58a3c06a9cbcbc61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fLiXl86iqEuUjfrlPQyQ1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7199
x-fb-rlafr: 0
x-fb-debug: QNsSVbZlsuPOYP6AOPE9fylc/38hDvTpnFRwjMSBs8LSrP6G3AQF68Lh++oiKehTn3al2wQyeuPaf5AtLrl8pg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 09 Jan 2024 18:56:21 GMT

GET
H2 200 7eeDutVoALV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame 6693 2 KB
820 B 114ms
68ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/7eeDutVoALV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41f6c5b77e3c08989d86e040dd5d0fd9ad3c06cebf403f7a61b8eae588552d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9JEGBXJlZBCsc2OAzAsRxA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 670
x-fb-rlafr: 0
x-fb-debug: ebYeMazYijxs9cjLirD+hNCCRxVRGzOtVnPj7ZRu3cc4SD9WYbIeTm9Yl/JGR3qkPxuX6N+UXTnXr3xgdU1nkw==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Jan 2024 17:07:42 GMT

GET
H2 200 296798315_102390382585555_8847597571544116058_n.png
scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-6/ Frame 6693 13 KB
13 KB 80ms
19ms Image
image/png 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-6/296798315_102390382585555_8847597571544116058_n.png?stp=dst-png_s350x350&_nc_cat=111&ccb=1-7&_nc_sid=dd9801&_nc_ohc=nUQJ-aJzLHAAX_CPl_a&_nc_ht=scontent-yyz1-1.xx&edm=AGeEj18EAAAA&oh=00_AfBYBFsxwXYTz1jnLICFEXIekXjrgRcqXQ6v1w-swu3MTA&oe=63C361B3
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a4ce917457448%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 22c55af9e1447d0b4e3cb9c8b94c21a2750715ada4ff59c1cd86ef7f9d81c890

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-haystack-needlechecksum: 960172941
date: Wed, 11 Jan 2023 02:11:13 GMT
x-fb-trip-id: 1512268381
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 09 Aug 2022 05:18:04 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=2861381488
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1502943839
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 13111

GET
H2 200 296972867_102389962585597_3932758871658506365_n.jpg
scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-1/ Frame 6693 1 KB
2 KB 80ms
20ms Image
image/jpeg 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-1/296972867_102389962585597_3932758871658506365_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=r9deg5O08f8AX-F6o5l&_nc_ht=scontent-yyz1-1.xx&edm=AGeEj18EAAAA&oh=00_AfCCrJcNaAeU5F7puxnDpHRzhThdvCFCH4vQiAlTQYtfzg&oe=63C30EA0
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a4ce917457448%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0af14c8c1c4106987297a09656d22bd9c5806b53a1d734e834442165b01c17f8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-haystack-needlechecksum: 2987367722
date: Wed, 11 Jan 2023 02:11:13 GMT
x-fb-trip-id: 1512268381
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 09 Aug 2022 05:17:09 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=150261592
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 120161036
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1455

GET
H2 200 qUpT11mm0GW.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame D7E0 19 KB
5 KB 90ms
57ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/qUpT11mm0GW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1caaefb8c930c268f67d6fe8949d4814bbf7084b473145418f219dd148f2600

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 98XfbS2dkMoGdCC5MtwwMQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4995
x-fb-rlafr: 0
x-fb-debug: wg6xQBJa8A1h3qXUnA5qxjZg9MLqRp8YOWuG5+aaBaSOSBl6xGXV5pj5dUGGZtMqFNSwUxmUvtSMQNXTenhNjA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Jan 2024 17:07:42 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame D7E0 2 KB
982 B 55ms
22ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: GVkC7SloHLCZJPbAHLxTi19nUbgupK32J7kmL4uXAypMdCnrBYsyMdr1Ej7pIFMLEVrU5f+bDEC9qAvO0up0rA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 03 Jan 2024 21:16:08 GMT

GET
H2 200 wtmvR9r7LW5.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame D7E0 305 KB
81 KB 102ms
68ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1dbd5e9b983ca4093726df38adf8c99cc5d63848302473b1f0d46a7b372b552

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QAErsU2+TlN97nYjIWxN7Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 82796
x-fb-rlafr: 0
x-fb-debug: mzfaSxji4bthnGV2G/ivRIs04fpTj60sc0STlC7/krPngwt1TNmyYAy6yBURf5TXmmtgWElWXltKO6nl7A/uhA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 06 Jan 2024 02:33:22 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame D7E0 5 KB
2 KB 57ms
24ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: koakLGY1v5R2GWTxsSnA3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1615
x-fb-rlafr: 0
x-fb-debug: iVEVfe7zWACsqan8EnLJoCmTZwvwPbZzfJmCvcP37ADvOKSGNBfygf0fNHuQS8jylWFOYTHbl/25kyfNPLcSWw==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Jan 2024 19:40:52 GMT

GET
H2 200 8LoDHCcRMmF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame D7E0 38 KB
12 KB 56ms
23ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GtFa/ANPMQQnyBsHWWA6Kw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12334
x-fb-rlafr: 0
x-fb-debug: Cd8xaBrPP1GOlf+tBYZh2HkY3EjVbVKJFficUV9p0CuAuFrtpGbWMzR01DAfZgQ1GKdD8GYu+UAuDDn5cY8hbg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Jan 2024 19:40:56 GMT

GET
H2 200 bPhRbIw5d4Y.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ Frame D7E0 51 KB
16 KB 93ms
60ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc07d382f00a25c7cab4993b3675027b7ba9fdf978474e9611aadde6383d9a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yS75TjCi3ZRz/Z/lM0crcw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16232
x-fb-rlafr: 0
x-fb-debug: RUnJ5HXxW1AmPxlYrO43aIqSGWMzzwvFcxceupUL6Sx/N1XuHYqc7H/AlDnA8jn1A+C+1IzAbGs4MMRf7u1feQ==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 06 Jan 2024 15:19:21 GMT

GET
H2 200 0cKQbVrk19s.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame D7E0 18 KB
6 KB 57ms
24ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/0cKQbVrk19s.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42319f941cd9da4e2937e856dbb573f3fa9fb05e6784a5fb3761f7b8c91ac724

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q8AcXLnh9lqBhL0/oorl3w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6166
x-fb-rlafr: 0
x-fb-debug: 6v5sd468isijeZgdU7HgeLsSLkqsSZh81j8EG8U/KMSUuY6pSJwkcG8DMZ6+kPdcdAgn4x4ZkRe39cvtV4rGkA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Jan 2024 23:15:02 GMT

GET
H2 200 KkdHmYcefNy.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame D7E0 16 KB
5 KB 98ms
65ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/KkdHmYcefNy.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5e107adab2efe0c166036d3f58c31bcd33bf108eb163dbc25546e1887b77bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9NrNOq2CMXCT9F3wU3oIkg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5352
x-fb-rlafr: 0
x-fb-debug: hbDknFC/Mmtlsf5O6UElDM3KLOYBMs0UMWBPM6kh0g+OKLC7fMCl0waF1qk3o5Le3wT2oa2CDz2pk0+4WlAoLA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Jan 2024 17:07:42 GMT

GET
H2 200 PlsnJC666Fj.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame D7E0 22 KB
7 KB 95ms
63ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/PlsnJC666Fj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97e2c43cec6a899062fa577fa6ea91618ffdcd2d3d335ad82568fc5357ecee31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hVuam4DUwYYlPrpODRSxjQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6772
x-fb-rlafr: 0
x-fb-debug: QuqavnpsBx2BGMU8HxxOyo75wF53fmoJkYjqOdTbhubnVSrS2/nkbbLlp4tmaZIzodxF7vHTLMhV4mVxBHzo0w==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Jan 2024 19:49:37 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame D7E0 507 B
485 B 96ms
64ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: ldWwZ7ep38lNx8OehQZ51PMgS0393+2sV75NWCXKoD0yGX3KajaBjHXS/TdbJ3fw5ccuviaDCWPTnK341zwF8Q==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 29 Dec 2023 20:27:03 GMT

GET
H2 200 h-L8FQ7MyJY.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yu/l/en_GB/ Frame D7E0 25 KB
7 KB 100ms
69ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yu/l/en_GB/h-L8FQ7MyJY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57e9ad580b54eba7dc56873cf55d1d9f6b26983a46e7f349251e96eb0b24c5b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: s9m754Y5dqpbRuAsd5isyA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7100
x-fb-rlafr: 0
x-fb-debug: o1mS1INdLY+ar387DfEVFDmIbsOBsVbpKr0zpUoJNSGwmBsyrOryq+jRIBKIVltYdfRbOupisQQXMzlh70tk3g==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 04 Jan 2024 23:50:50 GMT

GET
H2 200 ACK0uX4zgFf.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/ Frame D7E0 84 KB
23 KB 98ms
67ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e89f0d101d83439e236dc40a620b683911cd40f4622f442934e6462cbf38b94e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EOQeWiCh9jJL/21QjLDCVA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23498
x-fb-rlafr: 0
x-fb-debug: JZTig1K0LJZRmWQApp+sZGF6qndHhKOE2vuVjfOw3rlSCCBY4EAeBbz8l26Gt1kWZBp+qNjku+qXMrgyqk8lhA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 05 Jan 2024 00:34:13 GMT

GET
H2 200 7Nmln25n6YE.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame D7E0 22 KB
7 KB 96ms
65ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/7Nmln25n6YE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e0085a77923b9e5a13ae8105a8e54337d44464f114e6d9c58a3c06a9cbcbc61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fLiXl86iqEuUjfrlPQyQ1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7199
x-fb-rlafr: 0
x-fb-debug: QNsSVbZlsuPOYP6AOPE9fylc/38hDvTpnFRwjMSBs8LSrP6G3AQF68Lh++oiKehTn3al2wQyeuPaf5AtLrl8pg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 09 Jan 2024 18:56:21 GMT

GET
H2 200 7eeDutVoALV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame D7E0 2 KB
841 B 97ms
66ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/7eeDutVoALV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41f6c5b77e3c08989d86e040dd5d0fd9ad3c06cebf403f7a61b8eae588552d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9JEGBXJlZBCsc2OAzAsRxA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 670
x-fb-rlafr: 0
x-fb-debug: ebYeMazYijxs9cjLirD+hNCCRxVRGzOtVnPj7ZRu3cc4SD9WYbIeTm9Yl/JGR3qkPxuX6N+UXTnXr3xgdU1nkw==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Jan 2024 17:07:42 GMT

GET
H2 200 296798315_102390382585555_8847597571544116058_n.png
scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-6/ Frame D7E0 9 KB
9 KB 98ms
24ms Image
image/png 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-6/296798315_102390382585555_8847597571544116058_n.png?stp=dst-png_s280x280&_nc_cat=111&ccb=1-7&_nc_sid=dd9801&_nc_ohc=nUQJ-aJzLHAAX_CPl_a&_nc_ht=scontent-yyz1-1.xx&edm=AGeEj18EAAAA&oh=00_AfCHfVjFFRWnZMd9_9a4V7Ql2C4P9d7pPuSpZm3jirRWAQ&oe=63C361B3
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d83f8be07f0b015b347a491c8429eea4bdedc305e983a2a4118e8f1a09631957

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-haystack-needlechecksum: 960172941
date: Wed, 11 Jan 2023 02:11:13 GMT
x-fb-trip-id: 1512268381
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 09 Aug 2022 05:18:04 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=351520299
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1502943839
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 9124

GET
H2 200 296972867_102389962585597_3932758871658506365_n.jpg
scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-1/ Frame D7E0 1 KB
1 KB 72ms
24ms Image
image/jpeg 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-1/296972867_102389962585597_3932758871658506365_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=r9deg5O08f8AX-F6o5l&_nc_ht=scontent-yyz1-1.xx&edm=AGeEj18EAAAA&oh=00_AfCCrJcNaAeU5F7puxnDpHRzhThdvCFCH4vQiAlTQYtfzg&oe=63C30EA0
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0af14c8c1c4106987297a09656d22bd9c5806b53a1d734e834442165b01c17f8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-haystack-needlechecksum: 2987367722
date: Wed, 11 Jan 2023 02:11:13 GMT
x-fb-trip-id: 1512268381
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 09 Aug 2022 05:17:09 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=150261592
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 120161036
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1455

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame B9CF 2 KB
765 B 31ms
30ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1673403072&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673403072652&bpp=25&bdt=854&idt=25&shv=r20230109&mjsv=m202212050103&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3052224095165&frm=20&pv=1&ga_vid=1161304269.1673403072&ga_sid=1673403072&ga_hid=82569676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C44779793&oid=2&pvsid=4465137890185292&tmod=1078062633&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WX3HnsOTrI&p=https%3A//www.blackhatrussia.com&dtd=33

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame B9CF 22 KB
9 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame B9CF 3 KB
1 KB 33ms
19ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame B9CF 18 KB
7 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9CF 156 KB
48 KB 50ms
49ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48956
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673267917225388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 11 Jan 2023 02:11:13 GMT

GET
H3 200 1507d5c23d710c2e70b81f354fbf7065.js Show response
www.gstatic.com/mysidia/ Frame B9CF 33 KB
14 KB 76ms
20ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:26:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 18:00:18 GMT

GET
DATA 200
OK truncated
/ Frame F7E2 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c727e2faba8bac6ff122915c7a7bd573e5f01ff2d721e0ef1951c98ac6d155d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B9CF 0
0 58ms
49ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMAyxwBq-Y_iWL4SY7gTAra_AC-iK04pujbrs3bkJnNXVz4wOEAEgnZWfJmD96KKB8AOgAYGW6P4DyAEJqAMByAPLBKoE-AFP0P3nYKqiZW4Ecf6ZyoWumti4hvQMZKcbxVbuDNdoYVaYgQb74Ah4_0f_2FLCsf6m1TsdhOavEk1Zg1uCky3i_eOG2MarnsEKnyDoJh5MNRv0ScAnx1oDp2sMHrylmB3iOANpDEU1PCLmqf622zd8XAYQt_5IIJg5dH_CfosW0_9tCxnKBLne_D4qTL9TVxxJZJAydjYpnR2rtHu6lzMLKpyVdGfQx9YJrXIYHopAzphHxk_d16je9JwqExON0tyhlGlD5-QI10kz1Yw4ChNL-jNzmRzpYtefWjF5cemu0-8x5sjDigy3-tFSDRPliiPfYqEv-l3qCsAErpr72okBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-fplwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQyvYV0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMMiBQK0BUBgBcBshccChoIABIUcHViLTM5MjY5NDIzNzg1MjY2OTkYAA&sigh=ywwTTlwMQcQ&uach_m=[UACH]&cid=CAQSGwDq26N9l9dUKRyqsxUEp07sCLECZHu6Vll1_RgBIBM&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3926942378526699&output=html&h=280&slotname=7745907976&adk=3442936614&adf=1503837308&pi=t.ma~as.7745907976&w=750&fwrn=4&fwrnh=100&lmt=1673403072&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673403072652&bpp=25&bdt=854&idt=25&shv=r20230109&mjsv=m202212050103&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3052224095165&frm=20&pv=1&ga_vid=1161304269.1673403072&ga_sid=1673403072&ga_hid=82569676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C44779793&oid=2&pvsid=4465137890185292&tmod=1078062633&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WX3HnsOTrI&p=https%3A//www.blackhatrussia.com&dtd=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 11 Jan 2023 02:11:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/ 150 KB
51 KB 57ms
49ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/reactive_library_fy2021.js?bust=31071383

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59667999cb9c386a2f9aaaaf10ccb653bdc851588fb31fc43c9f288d14528d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52347
x-xss-protection: 0
server: cafe
etag: 3150487390920455464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Jan 2023 02:11:13 GMT

GET
H2 200 ca-pub-3926942378526699 Show response
fundingchoicesmessages.google.com/i/ 119 KB
41 KB 129ms
65ms Script
application/javascript 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3926942378526699?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a11719a42eea536a822b78a95b6271a7e4a654b6b59d5347ecfed45f0222607

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5R9EXJCgUMfmInyzDnh3eQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-5R9EXJCgUMfmInyzDnh3eQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1735693275594153158_16608232863811718906.jpeg
static.doubleclick.net/dynamic/5/202181353/ Frame B9CF 3 KB
3 KB 77ms
26ms Image
image/jpeg 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/202181353/1735693275594153158_16608232863811718906.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8e226c0eee98736ce4bcdce5e6ec8583307dadbe2f1c148aef9ba0030f48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 23:34:19 GMT
x-content-type-options: nosniff
age: 9414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3190
x-xss-protection: 0
last-modified: Sun, 25 Apr 2021 13:55:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 23:34:19 GMT

GET
H3 200 14884301742697573893_10052434609906306933.jpeg
static.doubleclick.net/dynamic/5/202181353/ Frame B9CF 4 KB
4 KB 73ms
23ms Image
image/jpeg 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/202181353/14884301742697573893_10052434609906306933.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee0a8f7c94500d949600f170f152f49fcf8edc48d060f59d7141db0b4d113589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 03:58:25 GMT
x-content-type-options: nosniff
age: 166368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4551
x-xss-protection: 0
last-modified: Sun, 18 Apr 2021 10:07:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 03:58:25 GMT

GET
H3 200 17653872625402039616_3808076505330214928.jpeg
static.doubleclick.net/dynamic/5/202181353/ Frame B9CF 7 KB
7 KB 74ms
25ms Image
image/jpeg 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/202181353/17653872625402039616_3808076505330214928.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45415e4c64ace5c09fd65c97eb4a0ceee32b45ff9ab88967065fbdc06dc34955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 18:05:38 GMT
x-content-type-options: nosniff
age: 547535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6666
x-xss-protection: 0
last-modified: Wed, 02 Sep 2020 15:51:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 18:05:38 GMT

GET
H3

200

6577506610223554973
tpc.googlesyndication.com/simgad/ Frame B9CF
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr8fX2TxDeAhjeAjIIQDue9aoigZ8
https://tpc.googlesyndication.com/simgad/6577506610223554973

23 KB
23 KB

20ms
19ms

Image
image/png

2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6577506610223554973

Requested by

Protocol

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f7ce70d37f721facab49d8c60c3101a19bfeb04c13248610b7b7e0c4cc1e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 08:19:03 GMT
x-content-type-options: nosniff
age: 496330
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23274
x-xss-protection: 0
last-modified: Thu, 28 Feb 2019 11:48:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jan 2024 08:19:03 GMT

Redirect headers

date: Tue, 10 Jan 2023 05:26:28 GMT
x-content-type-options: nosniff
server: cafe
age: 74685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6577506610223554973
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Feb 2023 05:26:28 GMT

GET
DATA 200
OK truncated
/ Frame B9CF 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2779736f62bfffeea1b95c49ebf3471d3aeb1eab2c6f841bdc1433b8fb41325b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame A8EE 0
0 142ms
51ms Document
text/plain 18.160.213.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=63150
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.213.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-86.ord58.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server: Apache-Coyote/1.1
via: 1.1 68ee49a13004b028043fee6d73697e92.cloudfront.net (CloudFront)
x-amz-cf-id: J0aods36XPG4QDSJVLKZJ0UM2pZ2Wed68Q2SivYXaGLSiWx93txJIg==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

59074
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=F91DiSZHA67WiadrRb22rX0O&rnd=36663
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=F91DiSZHA67WiadrRb22rX0O&rnd=36663&_li_chk=true&previous_uuid=09b6229e51ed43cc9e53065f5fa7e7a0
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=36663&bidder_uuid=F91DiSZHA67WiadrRb22rX0O

43 B
436 B

102ms
39ms

Image
image/gif

2600:1f18:ed:550a:e5e8:a01c:2029:474f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/59074?bidder_id=204553&rnd=36663&bidder_uuid=F91DiSZHA67WiadrRb22rX0O

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

HTTP/1.1

Server

2600:1f18:ed:550a:e5e8:a01c:2029:474f Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:14 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/59074?bidder_id=204553&rnd=36663&bidder_uuid=F91DiSZHA67WiadrRb22rX0O
Date: Wed, 11 Jan 2023 02:11:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 6

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=F91DiSZHA67WiadrRb22rX0O&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=F91DiSZHA67WiadrRb22rX0O&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
https://ce.lijit.com/merge?pid=5014&3pid=bd0e3f95974247110e924d7b56e89ddc

43 B
1003 B

26ms
25ms

Image
image/gif

23.92.190.69
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5014&3pid=bd0e3f95974247110e924d7b56e89ddc
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: HTTP/1.1
Server: 23.92.190.69 Charlotte, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Jan 2023 02:11:14 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=5014&3pid=bd0e3f95974247110e924d7b56e89ddc
date: Wed, 11 Jan 2023 02:11:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 787a1edcb853f995-YYZ
content-length: 0
p3p: CP='NON DSP COR CONi OUR BUS CNT'

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=2689
https://ce.lijit.com/merge?pid=2&3pid=E037D6C2FD6C4E128B5E17BAD4951555

43 B
679 B

78ms
24ms

Image
image/gif

23.92.190.69
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=E037D6C2FD6C4E128B5E17BAD4951555
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: HTTP/1.1
Server: 23.92.190.69 Charlotte, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Jan 2023 02:11:14 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Wed, 11 Jan 2023 02:11:13 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=E037D6C2FD6C4E128B5E17BAD4951555
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 10 Jan 2023 02:11:13 GMT

GET
H/1.1

200
OK

57333
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=F91DiSZHA67WiadrRb22rX0O&rnd=36083
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=F91DiSZHA67WiadrRb22rX0O&rnd=36083&_li_chk=true&previous_uuid=75143ef0306d4925a5264eb1bac5ecf4
https://i6.liadm.com/s/57333?bidder_id=204553&rnd=36083&bidder_uuid=F91DiSZHA67WiadrRb22rX0O

43 B
436 B

101ms
38ms

Image
image/gif

2600:1f18:ed:550a:e5e8:a01c:2029:474f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/57333?bidder_id=204553&rnd=36083&bidder_uuid=F91DiSZHA67WiadrRb22rX0O

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

HTTP/1.1

Server

2600:1f18:ed:550a:e5e8:a01c:2029:474f Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:14 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/57333?bidder_id=204553&rnd=36083&bidder_uuid=F91DiSZHA67WiadrRb22rX0O
Date: Wed, 11 Jan 2023 02:11:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 5

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame D560 85 B
482 B 28ms
28ms Document
text/html 13.32.164.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.164.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-164-88.ord58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 468052
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Thu, 05 Jan 2023 16:10:22 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 0835ebd52ef8594cd8aa4dac9cfbd9a8.cloudfront.net (CloudFront)
x-amz-cf-id: dgY2VJCDTFwORkp5hceHPXP1-yOGwfjuAeMtF2QAvaSrPp4E_AjlDQ==
x-amz-cf-pop: ORD58-P1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 p
ic.tynt.com/b/ 35 B
573 B 146ms
28ms Image
image/gif 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!2jl8c6alqn&lm=0&ts=1673403073856&dn=TC&iso=0&pu=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html&ct=JPS%20Virus%20Maker&t=JPS%20Virus%20Maker%20%C2%BB%20learn%20all%20kind%20of%20hacking
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H2

200

5386 Show response
tags.bluekai.com/site/ Frame B3D0
Redirect Chain

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHgACGO%2BGsEAAAAIJhgRAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1109.23349%26cid%3Dc010%...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=70484889-ebba-4b5c-9c7f-1555ae41aa31&gdpr=0&gdpr_consent=

62 B
315 B

102ms
101ms

Document
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/5386?id=70484889-ebba-4b5c-9c7f-1555ae41aa31&gdpr=0&gdpr_consent=
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 62
content-type: image/gif
date: Wed, 11 Jan 2023 02:11:14 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 221
content-type: text/html
date: Wed, 11 Jan 2023 02:11:14 GMT
location: https://tags.bluekai.com/site/5386?id=70484889-ebba-4b5c-9c7f-1555ae41aa31&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 6693 573 B
627 B 47ms
24ms Image
image/png 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/qUpT11mm0GW.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/qUpT11mm0GW.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: sLsB5N9+e7Ue4+j4HERuPICxK0+UK53T6mBUOZaDhTBu2CRbA/dtp8bMmfFcgyQTLAx0BEk9dXIL0Q6wV1NepA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 04 Jan 2024 09:50:27 GMT

GET
H3 200 5KMu9HS8l_F.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 6693 10 KB
4 KB 49ms
23ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/5KMu9HS8l_F.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fefa32ad872f2b96cff1cc691d76311ed9106248775da310f71d56f5ca693717

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BhBx4iauovBghcOsEeM8BQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3588
x-fb-rlafr: 0
x-fb-debug: JywG/Z3prD4ODUo+xPtZelG/6eVxWeFbwvM7kpX42Pqy8NVT9BvPgKh+4J9faN2hA/8xAFqSxpYW11tg7zWFGQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1,i
expires: Thu, 11 Jan 2024 00:13:34 GMT

GET
H3 200 C2S10lkZLg1.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame 6693 176 KB
51 KB 49ms
24ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/C2S10lkZLg1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78b81382f5c9d318e9af09e68aaca6dc8ebbcdc911204ba2cc25eb4b5d5ef7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CX+t1QO+riqxNLnNfvL/hw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52654
x-fb-rlafr: 0
x-fb-debug: seu8P7V6K8xTw+cxiWK3W/aCKtbUF6Mjw7KHn66+OBDK3UuzU+V9mDrNbR7i1BqEqGzC5DMy9qvErO1sN9Jmzw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1,i
expires: Thu, 11 Jan 2024 00:13:34 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame F7E2 20 KB
20 KB 70ms
26ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 16:38:24 GMT
x-content-type-options: nosniff
age: 207170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 16:38:24 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame F7E2 21 KB
21 KB 63ms
21ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:39:19 GMT
x-content-type-options: nosniff
age: 12715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 22:39:19 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame D560 766 B
1 KB 30ms
28ms Script
text/javascript 13.32.164.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.164.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-164-88.ord58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Wed, 04 Jan 2023 21:12:55 GMT
via: 1.1 0835ebd52ef8594cd8aa4dac9cfbd9a8.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD58-P1
age: 536299
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 3NDPw5QAx210mibq7cGEFV1Qe4osrZTChitvmkHF1br5-VvSTRWImQ==

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame D7E0 573 B
625 B 21ms
21ms Image
image/png 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/qUpT11mm0GW.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/qUpT11mm0GW.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: sLsB5N9+e7Ue4+j4HERuPICxK0+UK53T6mBUOZaDhTBu2CRbA/dtp8bMmfFcgyQTLAx0BEk9dXIL0Q6wV1NepA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 04 Jan 2024 09:50:27 GMT

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 39ms
38ms Script
application/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.blackhatrussia.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 40ms
40ms Script
application/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.blackhatrussia.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/ Frame 2D02 10 KB
4 KB 19ms
19ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 25119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 19:12:35 GMT
etag: 10353107486223812946
expires: Tue, 24 Jan 2023 19:12:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/ Frame 11C2 10 KB
4 KB 22ms
20ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 25119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 19:12:35 GMT
etag: 10353107486223812946
expires: Tue, 24 Jan 2023 19:12:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxV4dm9a27Vhc4M6Ibhchx2XlwrGK94GwM5n2TSX0I3gqFI-AEVqEviVj5FmEHLqwcTZAio59M2-p-P2A3N-QkE= Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 110ms
62ms Script
application/javascript 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV4dm9a27Vhc4M6Ibhchx2XlwrGK94GwM5n2TSX0I3gqFI-AEVqEviVj5FmEHLqwcTZAio59M2-p-P2A3N-QkE=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjczNDAzMDc0LDE0NTAwMDAwMF0sIjg3MTEzMTZBLTM4NUMtNDY3RC05OUM2LTE2QUI2RDlEQ0Q1QiIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly93d3cuYmxhY2toYXRydXNzaWEuY29tLzUwNC1qcHMtdmlydXMtbWFrZXIuaHRtbCIsbnVsbCxbWzgsIlZULUxEM09OMm9ZIl0sWzksImVuLVVTIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VT-LD3ON2oY.es5.O/d=1/rs=AJlcJMwYB6mVTmg817Z643QMdafoxCDIQQ/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54421d081cfd30b3485b23e60c6167ca4140fc9083abbab48a6f69004fec77c4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kjkXOx-AtirW-V3mLQEzyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kjkXOx-AtirW-V3mLQEzyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 5KMu9HS8l_F.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame D7E0 10 KB
4 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/5KMu9HS8l_F.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fefa32ad872f2b96cff1cc691d76311ed9106248775da310f71d56f5ca693717

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BhBx4iauovBghcOsEeM8BQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3588
x-fb-rlafr: 0
x-fb-debug: JywG/Z3prD4ODUo+xPtZelG/6eVxWeFbwvM7kpX42Pqy8NVT9BvPgKh+4J9faN2hA/8xAFqSxpYW11tg7zWFGQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1,i
expires: Thu, 11 Jan 2024 00:13:34 GMT

GET
H3 200 C2S10lkZLg1.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame D7E0 176 KB
51 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/C2S10lkZLg1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78b81382f5c9d318e9af09e68aaca6dc8ebbcdc911204ba2cc25eb4b5d5ef7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CX+t1QO+riqxNLnNfvL/hw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52654
x-fb-rlafr: 0
x-fb-debug: seu8P7V6K8xTw+cxiWK3W/aCKtbUF6Mjw7KHn66+OBDK3UuzU+V9mDrNbR7i1BqEqGzC5DMy9qvErO1sN9Jmzw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1,i
expires: Thu, 11 Jan 2024 00:13:34 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 2 KB
3 KB 93ms
28ms Script
application/javascript 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!2jl8c6alqn&dn=TC&cc=1&r=&pu=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 44f64a791a0b737798b53e003542396761dd28b2f76521dc881680a2ce403930

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Wed, 11 Jan 2023 02:11:13 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length: 1644
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 856E 36 KB
16 KB 24ms
23ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 20:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 20:48:45 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 2D02 4 KB
636 B 38ms
34ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 02:00:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Jan 2023 02:11:14 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2D02 205 B
229 B 25ms
22ms Image
image/png 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 13:03:02 GMT
x-content-type-options: nosniff
age: 133692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 09 Jan 2024 13:03:02 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2D02 604 B
628 B 26ms
23ms Image
image/png 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:53:31 GMT
x-content-type-options: nosniff
age: 26263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 10 Jan 2024 18:53:31 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/elements/html/ Frame 2D02 19 KB
8 KB 22ms
19ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8191
x-xss-protection: 0
server: cafe
etag: 7335088802737092762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:46:32 GMT

GET
H3 200 7d0b7188506749bb068f2c695a7a947e.js Show response
www.gstatic.com/mysidia/ Frame 11C2 9 KB
4 KB 44ms
42ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7d0b7188506749bb068f2c695a7a947e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4667dba2a203d28710eb217ab0f81b8b573affebdc0b75403feac41f90f5ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4224
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 20:01:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 18:00:18 GMT

GET
H3 200 1522be3fab9b5e46de5cf3e17a8f5154.js Show response
www.gstatic.com/mysidia/ Frame 11C2 19 KB
8 KB 48ms
47ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1522be3fab9b5e46de5cf3e17a8f5154.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc380623bd5b9928e5e4c622b7284d2e4ece3ff81af64acadbf7b6f942e35f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7981
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:26:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 05:56:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 11C2 8 KB
895 B 51ms
50ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 02:04:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Jan 2023 02:11:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 11C2 2 KB
765 B 30ms
26ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H3 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame 11C2 5 KB
2 KB 48ms
43ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 06:03:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame 11C2 22 KB
9 KB 33ms
28ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 11C2 3 KB
1 KB 46ms
41ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 11C2 18 KB
7 KB 37ms
32ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 11C2 156 KB
48 KB 114ms
52ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48956
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673267917225388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 11 Jan 2023 02:11:14 GMT

GET
H3 200 1507d5c23d710c2e70b81f354fbf7065.js Show response
www.gstatic.com/mysidia/ Frame 11C2 33 KB
14 KB 37ms
33ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:26:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 18:00:18 GMT

POST
H2 200 controller.php Show response
www.blackhatrussia.com/engine/ajax/ 2 B
81 B 552ms
251ms XHR
text/html 111.90.142.140
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blackhatrussia.com/engine/ajax/controller.php?mod=adminfunction
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/engine/classes/js/jquery.js?v=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.90.142.140 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: LiteSpeed /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: gzip
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 6693 192 KB
49 KB 405ms
376ms XHR
application/x-javascript 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Atrue%2C%22referer_uri%22%3A%22https%3A%2F%2Fwww.blackhatrussia.com%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0ny0RE2Jw8W1uwc-0pa0h-0Lo6-0iq&__csr=&__req=1&__hs=19368.BP%3Aplugin_default_pkg.2.0.0.0.0&dpr=1&__ccg=EXCELLENT&__rev=1006804047&__s=%3A%3Afw4k9o&__hsi=7187211473232574880&__comet_req=0&locale=en_GB&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d76b33072a42f83f92053b67f94eeb353a1ac8411b016d487ecaa2f61a9f4ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: nY7QHcRxOfhFpbvU9fRaSw
Referer: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a4ce917457448%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 11 Jan 2023 02:11:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ASJBbjdwdnf9eGP/bHeguS2R3XOLHU1vpuiIsUMZ6irN5f0/xP8JvmxGX+lcms7/twcRHNj1pxtwoZyQYMekqA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 6693 1 KB
732 B 88ms
62ms XHR
application/x-javascript 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

394af34fbbb3777adedd97b17c69b82c8fd4f19dfb7f19dfbeb3db942aaf282d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: nY7QHcRxOfhFpbvU9fRaSw
Referer: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a4ce917457448%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 11 Jan 2023 02:11:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: EIVYOAUJ9bPCWEH92e7l+mSYQWcIEs91x0Gh4jJctiQTY+6lQbvt8OvNfSIU2HGVQhW2iLGJr+SxzvOz8Y9TIQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-allow-methods: OPTIONS
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=F91DiSZHA67WiadrRb22rX0O/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=2098dff33ee36f692f526484e827eb51

43 B
1 KB

25ms
25ms

Image
image/gif

23.92.190.69
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=2098dff33ee36f692f526484e827eb51
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: HTTP/1.1
Server: 23.92.190.69 Charlotte, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Jan 2023 02:11:14 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:14 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=2098dff33ee36f692f526484e827eb51
cache-control: no-cache
x-server: 10.40.43.145
content-length: 0
expires: 0

POST
H3 204 AGSKWxVylUvDF56JZn73EEC4pZ3Ajfk4tWLcdv435Y-CGCY8xqC-PdEHrv18M6u3O0GKK9Ph3HaLcyovWjSoB359gw0= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 90ms
43ms XHR
text/html 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVylUvDF56JZn73EEC4pZ3Ajfk4tWLcdv435Y-CGCY8xqC-PdEHrv18M6u3O0GKK9Ph3HaLcyovWjSoB359gw0=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YYk6DqIy-8fSHlhIrCu2nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-YYk6DqIy-8fSHlhIrCu2nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.blackhatrussia.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXcxGFHkm3V9zd0jyQGcY-UfuKwGit-8cMddT2X5-mLQWhRZrBmB6LyfK1p1eZHoIg6GsiqFHN4t-hGbzswGbBH419sPW9gzqLI1CzpO44PZxZ7HBmfsj7XmyJw16FR7f6BQgSB5w== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 82ms
81ms Script
application/javascript 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXcxGFHkm3V9zd0jyQGcY-UfuKwGit-8cMddT2X5-mLQWhRZrBmB6LyfK1p1eZHoIg6GsiqFHN4t-hGbzswGbBH419sPW9gzqLI1CzpO44PZxZ7HBmfsj7XmyJw16FR7f6BQgSB5w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjczNDAzMDc0LDM4ODAwMDAwMF0sIjg3MTEzMTZBLTM4NUMtNDY3RC05OUM2LTE2QUI2RDlEQ0Q1QiIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly93d3cuYmxhY2toYXRydXNzaWEuY29tLzUwNC1qcHMtdmlydXMtbWFrZXIuaHRtbCIsbnVsbCxbWzgsIlZULUxEM09OMm9ZIl0sWzksImVuLVVTIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ac66d14be70fd7ec78f83e9d13e69d7d7d2298b7878c2631a056462fffd9f69

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-v5d2vQnv7dzqRzIC2t9Hfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-v5d2vQnv7dzqRzIC2t9Hfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

27519 Show response
tags.bluekai.com/site/ Frame 0DC6
Redirect Chain

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1673403074249.4&r=true
https://tags.bluekai.com/site/27519?id=212075679201354&ret=html&random=1673403074

71 B
476 B

104ms
101ms

Document
text/html

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/27519?id=212075679201354&ret=html&random=1673403074
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!2jl8c6alqn&dn=TC&cc=1&r=&pu=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

bk-server: fd08
cache-control: max-age=0, no-cache, no-store
content-length: 71
content-type: text/html
date: Wed, 11 Jan 2023 02:11:14 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pragma: no-cache

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Wed, 11 Jan 2023 02:11:13 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://tags.bluekai.com/site/27519?id=212075679201354&ret=html&random=1673403074
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP005
x-33x-status: 400000000040080C

GET
H2 200 lotame-sync.html Show response
cdn-tc.33across.com/ Frame CE08 343 B
459 B 112ms
31ms Document
text/html 172.64.152.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tc.33across.com/lotame-sync.html
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!2jl8c6alqn&dn=TC&cc=1&r=&pu=https%3A%2F%2Fwww.blackhatrussia.com%2F504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 127228
cache-control: public, max-age=259200
cf-cache-status: HIT
cf-ray: 787a1edfb877f99d-YYZ
content-encoding: gzip
content-type: text/html
date: Wed, 11 Jan 2023 02:11:14 GMT
etag: W/"62d96946-157"
expires: Sat, 14 Jan 2023 02:11:14 GMT
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

204

70484889-ebba-4b5c-9c7f-1555ae41aa31
map.go.affec.tv/map/ttd/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&ts=1673403074249.1
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D63be1ac2d21877000100788c%26chc%3Dtt%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D63be1ac2d21877000100788c%2526chc%253Dtt%2526gdpr%253D%2526gdpr_consent%253D%25...
https://map.go.affec.tv/map/an/2528948850074157157?ch=63be1ac2d21877000100788c&chc=tt&gdpr=&gdpr_consent=&redirect_url=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=63be1ac2d21877000100788c&chc=tt%7Can&gdpr=&gdpr_consent=&redirect_url=
https://map.go.affec.tv/map/ttd/70484889-ebba-4b5c-9c7f-1555ae41aa31?ttd_puid=&gdpr=0&gdpr_consent=

0
562 B

24ms
23ms

Image
text/plain

52.203.85.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/ttd/70484889-ebba-4b5c-9c7f-1555ae41aa31?ttd_puid=&gdpr=0&gdpr_consent=
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Server: 52.203.85.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-85-239.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://map.go.affec.tv/map/ttd/70484889-ebba-4b5c-9c7f-1555ae41aa31?ttd_puid=&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 229

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&random=1673403074249.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fap...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&random=1673403074249.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.ne...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a7f353b7-4fc7-4dc6-8773-491fc0d2c371%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=70484889-ebba-4b5c-9c7f-1555ae41aa31&ttd_puid=a7f353b7-4fc7-4dc6-8773-491fc0d2c371%2Chttps%253A%252F%252Fusermatch.krxd.n...
https://usermatch.krxd.net/um/v2?partner=tapad
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

0
338 B

94ms
24ms

Image
text/plain

3.209.207.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Server: 3.209.207.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-207-39.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n036-ash-prod.krxd.net
date: Wed, 11 Jan 2023 02:11:15 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1673403073
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date: Wed, 11 Jan 2023 02:11:15 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

GET
H3

200

405716.gif
idsync.rlcdn.com/
Redirect Chain

https://dp2.33across.com/ps/?pid=1205&rand=1673403074249.3&r=true
https://idsync.rlcdn.com/405716.gif?partner_uid=212075679467106

42 B
60 B

44ms
43ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/405716.gif?partner_uid=212075679467106
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:14 GMT
referrer-policy: unsafe-url
server: 33XP006
x-33x-status: 4000000000004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://idsync.rlcdn.com/405716.gif?partner_uid=212075679467106
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&33random=1673403074249.5&cat=33across
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkdlVVpwLVFmQU9YelRmME5lTkZEVjhnRXFic01qYm1tWU9xTDhkM01hbzg&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEO-fsmfk8riHnnSY2yjFXlw&google_cver=1

70 B
440 B

51ms
24ms

Image
image/gif

52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEO-fsmfk8riHnnSY2yjFXlw&google_cver=1
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: HTTP/1.1
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 11 Jan 2023 02:11:14 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEO-fsmfk8riHnnSY2yjFXlw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://spl.zeotap.com/z.png?zdid=239&ctry=CA&env=mWeb&eventType=pageview&zpb=w%212jl8c6alqn&zpbcat=Technology%2FComputers&zcluid=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&ziid=1673403074249.6
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=d4692cd3-2dad-4029-411c-5e55e5a61af0&reqId=b41adb7c-8965-4879-4449-...
https://mwzeom.zeotap.com/mw?adnxs_uid=2528948850074157157&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=d4692cd3-2dad-4029-411c-5e55e5a61af0&reqId=b41adb7c-8965-4879-4449-6f34b685a081&...

95 B
169 B

131ms
118ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=2528948850074157157&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=d4692cd3-2dad-4029-411c-5e55e5a61af0&reqId=b41adb7c-8965-4879-4449-6f34b685a081&us_privacy=&zcluid=CoIKS2O+GsFF77GoNl5ZAg==&zdid=239&ziid=1673403074249.6&zpb=w!2jl8c6alqn&zpbcat=Technology/Computers
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://www.blackhatrussia.com
access-control-allow-credentials: true
cf-ray: 787a1ee1fe98c436-EWR
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Wed, 11 Jan 2023 02:11:14 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 590ba559-0c5b-427d-89f9-f3ba5cad1b02
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=2528948850074157157&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=d4692cd3-2dad-4029-411c-5e55e5a61af0&reqId=b41adb7c-8965-4879-4449-6f34b685a081&us_privacy=&zcluid=CoIKS2O+GsFF77GoNl5ZAg==&zdid=239&ziid=1673403074249.6&zpb=w!2jl8c6alqn&zpbcat=Technology/Computers
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

mapuid
secure.adnxs.com/
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&random=1673403074249.8&r=true
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212075679467131&seg_code=33x&random=1673403074

43 B
1 KB

50ms
18ms

Image
image/gif

68.67.160.117
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/mapuid?t=2&member=1001&user=212075679467131&seg_code=33x&random=1673403074

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

HTTP/1.1

Server

68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Jan 2023 02:11:14 GMT
AN-X-Request-Uuid: 74ba51b1-7fbb-4ee8-a9aa-7cf6a59a6289
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:14 GMT
referrer-policy: unsafe-url
server: 33XP006
x-33x-status: 402044000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://secure.adnxs.com/mapuid?t=2&member=1001&user=212075679467131&seg_code=33x&random=1673403074
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKS2O%2BGsFF77GoNl5ZAg%3D%3D&us_privacy=&33random=1673403074249.9&cat=33across
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=70484889-ebba-4b5c-9c7f-1555ae41aa31&bid=1e2n4ou

70 B
440 B

26ms
25ms

Image
image/gif

52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=70484889-ebba-4b5c-9c7f-1555ae41aa31&bid=1e2n4ou
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: HTTP/1.1
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/504-jps-virus-maker.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 11 Jan 2023 02:11:14 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ps.eyeota.net/match?uid=70484889-ebba-4b5c-9c7f-1555ae41aa31&bid=1e2n4ou
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 191

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 6693 1 KB
1 KB 18ms
18ms Image
image/png 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/qUpT11mm0GW.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/qUpT11mm0GW.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: oVBPN78Ij62xHNImXGRQgohYbrQeVHZlgZ2BZRMtX+qAnX8bqcUafrTvosoJj0Mn06/HLGc5mxzd5VUM8oQxPA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 04 Jan 2024 09:43:46 GMT

GET
H3 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame D7E0 188 KB
48 KB 309ms
308ms XHR
application/x-javascript 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007%22%2C%22width%22%3A263%2C%22height%22%3A500%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Atrue%2C%22referer_uri%22%3A%22https%3A%2F%2Fwww.blackhatrussia.com%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0ny0RE2Jw8W1uwc-0pa0h-0Lo6-0iq&__csr=&__req=1&__hs=19368.BP%3Aplugin_default_pkg.2.0.0.0.0&dpr=1&__ccg=EXCELLENT&__rev=1006804047&__s=%3A%3Abjl679&__hsi=7187211473157246714&__comet_req=0&locale=en_GB&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1041e2fdb1f8465e357657582b9762f06ef2e4138f325af166b77f9e0ea3c61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: va0gjI7HM5hD9Jr7p8y9fd
Referer: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 11 Jan 2023 02:11:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: sIigGE0nybK0Iqm7xHTv1nM5PIcu7weZRaryeqccvs3RFTclIP+BiI/BNgSEDX0IwGWDoxdRuMzz3NCm2ZRW5Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: private, no-cache, no-store, must-revalidate
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame D7E0 1 KB
721 B 60ms
60ms XHR
application/x-javascript 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1aa370900df006263e1ba5e61a0ac4551eb7a63f52e3267a8b611b20365e1c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: va0gjI7HM5hD9Jr7p8y9fd
Referer: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 11 Jan 2023 02:11:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 8TZ3kDfxw5R6DsOom69D2G+4q2JkQx9bMhMJpULQiiTGDf/gBoSd+CaHOJF6WW6ckMfn+jeOjYh4Saeotr0GGg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-allow-methods: OPTIONS
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 6693 198 B
251 B 19ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: j/hLiWL3AbqENNiBfx7RV1LAI45MiSiffwahlTdNILQLndJ6t59B4rKPmwinObACAC2qGPD0R5mhv3NOEv6dyg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 05 Jan 2024 06:48:10 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame D7E0 1 KB
1 KB 19ms
19ms Image
image/png 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/qUpT11mm0GW.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/qUpT11mm0GW.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: oVBPN78Ij62xHNImXGRQgohYbrQeVHZlgZ2BZRMtX+qAnX8bqcUafrTvosoJj0Mn06/HLGc5mxzd5VUM8oQxPA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 04 Jan 2024 09:43:46 GMT

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 793 B
1 KB 25ms
24ms Script
application/javascript 52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: 40d72f3167ef8511df6ad2b338725c009035ba55e5345bcd129df95594501838

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Wed, 11 Jan 2023 02:11:14 GMT
Content-Length: 793
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ 6 KB
3 KB 34ms
33ms Script
text/javascript 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 Woodbridge, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx /
Resource Hash: 7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 11 Jan 2023 02:11:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 20:06:40 GMT
Server: nginx
ETag: W/"5e8cdd50-17e9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Methods: GET
Cache-Control: max-age=604800, must-revalidate
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 18 Jan 2023 02:11:14 GMT

GET
H3 200 7d0b7188506749bb068f2c695a7a947e.js Show response
www.gstatic.com/mysidia/ Frame F91E 9 KB
4 KB 23ms
21ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7d0b7188506749bb068f2c695a7a947e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4667dba2a203d28710eb217ab0f81b8b573affebdc0b75403feac41f90f5ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4224
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 20:01:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 18:00:18 GMT

GET
H3 200 1522be3fab9b5e46de5cf3e17a8f5154.js Show response
www.gstatic.com/mysidia/ Frame F91E 19 KB
8 KB 33ms
32ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1522be3fab9b5e46de5cf3e17a8f5154.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc380623bd5b9928e5e4c622b7284d2e4ece3ff81af64acadbf7b6f942e35f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7981
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:26:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 05:56:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame F91E 2 KB
765 B 34ms
30ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H3 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame F91E 5 KB
2 KB 37ms
34ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 06:03:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame F91E 22 KB
9 KB 33ms
31ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame F91E 3 KB
1 KB 34ms
31ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame F91E 18 KB
7 KB 34ms
31ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:00:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F91E 156 KB
48 KB 87ms
84ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48956
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673267917225388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 11 Jan 2023 02:11:14 GMT

GET
H3 200 1507d5c23d710c2e70b81f354fbf7065.js Show response
www.gstatic.com/mysidia/ Frame F91E 33 KB
14 KB 36ms
33ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:26:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 18:00:18 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16311/ Frame CE08 32 KB
10 KB 40ms
19ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by: Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7fccdf59f5dec8ddbf11ed9f5e28cf80e6424389a35d5a4b76ef39f2df02f8be

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn-tc.33across.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 20:15:08 GMT
content-encoding: gzip
via: 1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:01:47 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 21367
x-amz-server-side-encryption: AES256
etag: W/"17cbf13b92a75decc910b84476c56675"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: 1QuCSYhFlrXKJxWMBNad8ODLgB1kqLabVhe1eDWflG4O6leYbb48ug==

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5526772441146460470/ Frame 11C2 17 KB
17 KB 24ms
21ms Image
image/jpeg 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5526772441146460470/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6671beab7b23ab986a734fe2da51ea0c98caed1955a5ba198f3d1ca15028ae96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 18:44:15 GMT
x-content-type-options: nosniff
age: 286019
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17037
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 12:57:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jan 2024 18:44:15 GMT

GET
DATA 200
OK truncated
/ Frame 11C2 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e748d47e0930e87a515df7e2a11e9d797dd670598254900fdbd654593f001a9a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 11C2 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 11C2 0
0 48ms
47ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJbmrwBq-Y5-zJMPK6gS447PYCZzJhbVuzo-12M4Q9oGH-Yw4EAEgnZWfJmD96KKB8AOgAbeYgaIoyAEJqQIflfRAIud6PqgDAcgDywSqBO8BT9C5SFYzPT4daW8M25AWLhNSOSiKM8bmDJwfYqPGoJ5oiEbxq8DcbF4d2gkr6gEb4j4KySAJU-vOC2g0mrxv375hMbQqIZTPXeDKSmOol4CKNmX7HpymkKSda9o9suik7SPNw3QqpRBBCGkANIUh0URHDh5IiLRVpipZlnP7OP-15l2bsm6K54HzchaHcGIEh7pcYTr4l72x6ePjthO68a5Io4Fht3FcifT-783qemiQrkZ_-K4PxY9fc6hkxsqjme4OTvezBz3G0OfW0p28sDdwYv0kgtmTaXov3TObaymk7786kBqZZiT43l58gjLABLey6NalBJIFBAgEGAGSBQQIBRgEoAYugAeZ1bLLA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPO1AtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi0zOTI2OTQyMzc4NTI2Njk5GAA&sigh=lCMVTTwrNw4&uach_m=[UACH]&cid=CAQSGwDq26N9jBCdoCR-lo_88fpjDR5dyU3kmQuIeRgBIBM&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 11 Jan 2023 02:11:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 11C2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4edfb51580ba371d65e854067e00e266ead24cae660590d8bce25149c1f064f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame D7E0 198 B
251 B 22ms
22ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: j/hLiWL3AbqENNiBfx7RV1LAI45MiSiffwahlTdNILQLndJ6t59B4rKPmwinObACAC2qGPD0R5mhv3NOEv6dyg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 05 Jan 2024 06:48:10 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 8282 36 KB
16 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 20:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 20:48:45 GMT

GET
H2 200 watermark.png
livetrafficfeed.com/images/ 3 KB
3 KB 247ms
240ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://livetrafficfeed.com/images/watermark.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: c88417d536eab670b2771f604d69cc2ec6136abf5109c78e7c9fd6b0d0282220

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:47 GMT
last-modified: Thu, 23 May 2019 16:59:56 GMT
server: Nginx
etag: "5ce6d18c-aa0"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 2720
expires: Fri, 10 Feb 2023 01:46:47 GMT

GET
H2 200 overlay2.png
livetrafficfeed.com/images/ 980 B
1 KB 259ms
252ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://livetrafficfeed.com/images/overlay2.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: 3f1cdebfe02e8e40b8f88d9166bcf096678cf8f907fa736b13e99412479af55c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:47 GMT
last-modified: Sat, 09 Dec 2017 14:18:30 GMT
server: Nginx
etag: "5a2bf0b6-3d4"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 980
expires: Fri, 10 Feb 2023 01:46:47 GMT

GET
H2 200 chrome.png
cdn.livetrafficfeed.com/images/browser/11/ 481 B
702 B 248ms
242ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/browser/11/chrome.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: 7ebe3d9862ecc191accde39c1b4bb8f97a0517e4b0c49d687511b443513e7145

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:47 GMT
last-modified: Tue, 10 Jan 2023 22:01:07 GMT
server: Nginx
etag: "63bde023-1e1"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 481
expires: Fri, 10 Feb 2023 01:46:47 GMT

GET
H2 200 windows.png
cdn.livetrafficfeed.com/images/os/11/ 333 B
554 B 249ms
243ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/os/11/windows.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: 4f69f08cd476d60ce542535a120905e0f92a4abb1d263d20dc843728a44baca8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:47 GMT
last-modified: Tue, 10 Jan 2023 22:01:05 GMT
server: Nginx
etag: "63bde021-14d"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 333
expires: Fri, 10 Feb 2023 01:46:47 GMT

GET
H2 200 ca.png
cdn.livetrafficfeed.com/images/flags/16/ 364 B
585 B 250ms
244ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/ca.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: ed9906a09c938aa10979a0a3f8fb2f5b43de8c99db8be1c6864aaedcb5567ee4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:47 GMT
last-modified: Tue, 10 Jan 2023 22:01:05 GMT
server: Nginx
etag: "63bde021-16c"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 364
expires: Fri, 10 Feb 2023 01:46:47 GMT

GET
H2 200 yandex-browser.png
cdn.livetrafficfeed.com/images/browser/11/ 428 B
649 B 250ms
245ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/browser/11/yandex-browser.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: 6641876bf2a6ecd52296690f0f99f3aa09ede6d238d8541e1285a2c002a04de1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:47 GMT
last-modified: Tue, 10 Jan 2023 22:01:12 GMT
server: Nginx
etag: "63bde028-1ac"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 428
expires: Fri, 10 Feb 2023 01:46:47 GMT

GET
H2 200 nl.png
cdn.livetrafficfeed.com/images/flags/16/ 151 B
372 B 251ms
246ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/nl.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: 8ff39e6372d5b6aafdf5c31f552473bd8b4467e69eaded77e774e0b277bc352d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:47 GMT
last-modified: Tue, 10 Jan 2023 22:01:05 GMT
server: Nginx
etag: "63bde021-97"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 151
expires: Fri, 10 Feb 2023 01:46:47 GMT

GET
H2 200 us.png
cdn.livetrafficfeed.com/images/flags/16/ 354 B
575 B 251ms
246ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/us.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: 7463892aa3cd85096c84caf30395737dcece130390217ee71745efaeaa1f5f33

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:47 GMT
last-modified: Tue, 10 Jan 2023 22:01:05 GMT
server: Nginx
etag: "63bde021-162"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 354
expires: Fri, 10 Feb 2023 01:46:47 GMT

GET
H2 200 microsoft-edge.png
cdn.livetrafficfeed.com/images/browser/11/ 515 B
736 B 252ms
248ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/browser/11/microsoft-edge.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: c80bdf77d8aa8b99d5ca9155a6acf06ba56f0fcd3e01579d35076b32eb5a9458

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:47 GMT
last-modified: Tue, 10 Jan 2023 22:01:09 GMT
server: Nginx
etag: "63bde025-203"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 515
expires: Fri, 10 Feb 2023 01:46:47 GMT

GET
H2 200 kr.png
cdn.livetrafficfeed.com/images/flags/16/ 557 B
778 B 253ms
249ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/kr.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: ef01f87509581efc27e524eb05fe40dc50fd84867d1b61060dc0f2fa957791b3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:47 GMT
last-modified: Tue, 10 Jan 2023 22:01:05 GMT
server: Nginx
etag: "63bde021-22d"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 557
expires: Fri, 10 Feb 2023 01:46:47 GMT

GET
H2 200 vn.png
cdn.livetrafficfeed.com/images/flags/16/ 288 B
509 B 254ms
250ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/vn.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: cab08d59ea275b9acd0d010b3f9c82fcd2d681f890b73923669440ff8a04dd50

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:47 GMT
last-modified: Tue, 10 Jan 2023 22:01:05 GMT
server: Nginx
etag: "63bde021-120"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 288
expires: Fri, 10 Feb 2023 01:46:47 GMT

GET
H2 200 br.png
cdn.livetrafficfeed.com/images/flags/16/ 528 B
749 B 254ms
251ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/br.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: dd90a17b12f7d2e3eb3900dae021597d014ea62de7a37319d80150b6e2ec7ea6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:47 GMT
last-modified: Tue, 10 Jan 2023 22:01:05 GMT
server: Nginx
etag: "63bde021-210"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 528
expires: Fri, 10 Feb 2023 01:46:47 GMT

GET
H2 200 ae.png
cdn.livetrafficfeed.com/images/flags/16/ 194 B
414 B 484ms
481ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/ae.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: 1c393b92d355a2f6e93d7ba5e4472b6bc9ff9c97802849b9c69475082f575197

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:48 GMT
last-modified: Tue, 10 Jan 2023 22:01:05 GMT
server: Nginx
etag: "63bde021-c2"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 194
expires: Fri, 10 Feb 2023 01:46:48 GMT

GET
H2 200 hk.png
cdn.livetrafficfeed.com/images/flags/16/ 322 B
543 B 485ms
482ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/hk.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: 76a3a9195a6a842ef912bd3b18e91aece73b4d713f878542885f80efb3ed7d3c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:48 GMT
last-modified: Tue, 10 Jan 2023 22:01:05 GMT
server: Nginx
etag: "63bde021-142"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 322
expires: Fri, 10 Feb 2023 01:46:48 GMT

GET
H2 200 id.png
cdn.livetrafficfeed.com/images/flags/16/ 141 B
362 B 486ms
483ms Image
image/png 139.99.46.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livetrafficfeed.com/images/flags/16/id.png
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.46.91 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: 91.ip-139-99-46.eu
Software: Nginx /
Resource Hash: 8fbdc66296c690774b587a41066b1c9885af80b110519e975bc00b8a2185599f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:46:48 GMT
last-modified: Tue, 10 Jan 2023 22:01:05 GMT
server: Nginx
etag: "63bde021-8d"
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 141
expires: Fri, 10 Feb 2023 01:46:48 GMT

GET
H2

200

2981
tags.bluekai.com/site/
Redirect Chain

https://tags.bluekai.com/site/39798?limit=1&id=2fCn_y9IZmvhZ73fBT5kzjIYm9DixtNE4qRkrao19-tc
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=M2lXbnNDd005OU9BV3E4TQ%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEP3LZ00xnfcdazi3RrOGdWo&google_cver=1

62 B
315 B

124ms
123ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEP3LZ00xnfcdazi3RrOGdWo&google_cver=1
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: H2
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 11 Jan 2023 02:11:15 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEP3LZ00xnfcdazi3RrOGdWo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2XwiVf5FGg21Cl5oh6JbB4QoTJWmupb7s8KS5YOnc-5U
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a7f353b7-4fc7-4dc6-8773-491fc0d2c371%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=70484889-ebba-4b5c-9c7f-1555ae41aa31&ttd_puid=a7f353b7-4fc7-4dc6-8773-491fc0d2c371%2C%2C

95 B
122 B

49ms
48ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=70484889-ebba-4b5c-9c7f-1555ae41aa31&ttd_puid=a7f353b7-4fc7-4dc6-8773-491fc0d2c371%2C%2C

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=70484889-ebba-4b5c-9c7f-1555ae41aa31&ttd_puid=a7f353b7-4fc7-4dc6-8773-491fc0d2c371%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3656611185477979346&newuser=1&referrer_pid=51md42u

70 B
440 B

45ms
28ms

Image
image/gif

52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3656611185477979346&newuser=1&referrer_pid=51md42u
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: HTTP/1.1
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 11 Jan 2023 02:11:15 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3656611185477979346&newuser=1&referrer_pid=51md42u
pragma: no-cache
date: Wed, 11 Jan 2023 02:11:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=2528948850074157157&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

24ms
24ms

Image
image/gif

52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=2528948850074157157&bid=2cr76e1&referrer_pid=51md42u
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: HTTP/1.1
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 11 Jan 2023 02:11:15 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Wed, 11 Jan 2023 02:11:14 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e412dc4d-ec8a-4671-bf35-141b8c88b809
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ps.eyeota.net/match?uid=2528948850074157157&bid=2cr76e1&referrer_pid=51md42u
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://api.retargetly.com/getuid?p=1625&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6bqoi0v%26referrer_pid%3D51md42u%26uid%3D%25rlid%25
https://api.retargetly.com/getuid?p=1625&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6bqoi0v%26referrer_pid%3D51md42u%26uid%3D%25rlid%25&_rlid=33f1d8a4-4945-43ce-8906-...
https://ps.eyeota.net/match?bid=6bqoi0v&referrer_pid=51md42u&uid=33f1d8a4-4945-43ce-8906-e50136702404

70 B
440 B

30ms
30ms

Image
image/gif

52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=6bqoi0v&referrer_pid=51md42u&uid=33f1d8a4-4945-43ce-8906-e50136702404
Requested by: Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html
Protocol: HTTP/1.1
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 11 Jan 2023 02:11:15 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
location: https://ps.eyeota.net/match?bid=6bqoi0v&referrer_pid=51md42u&uid=33f1d8a4-4945-43ce-8906-e50136702404
access-control-allow-origin: *
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control: no-cache
cf-ray: 787a1ee34ad9c3ee-EWR
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame CE08 227 B
605 B 45ms
43ms XHR
application/json 3.216.210.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.210.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-210-67.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: dc4011963ae78755e6d80fedcb6873ac44ff90d78a60d8e705e2c1b18bc5208a

Request headers

Referer: https://cdn-tc.33across.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:14 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cdn-tc.33across.com
cache-control: no-cache
x-server: 10.40.15.99
access-control-allow-credentials: true
content-length: 227
expires: 0

GET
H3 200 t7_arXa8eSS.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame 6693 18 KB
5 KB 25ms
19ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/t7_arXa8eSS.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e67e63d75cf6e60ad0c2abe2ac0eb45dea806e36fd5c441a50dd9db7b54d3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2/33cV905auNljb0IH/8iA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4692
x-fb-rlafr: 0
x-fb-debug: Y0jEusivRptVAdat8oCmMo5oW+K54Ao6n/S+L0lWsmNlU06JAyhfFma/QFm93DaTfv3icjhYShXQdGusDJOSWA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 31 Dec 2023 18:33:07 GMT

GET
DATA 200
OK truncated
/ Frame 6693 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 I91dQtKCqtJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 6693 4 KB
1 KB 27ms
20ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/I91dQtKCqtJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35038446d0cae0d4cf68472310f8c4e3775f84d4a6c51036fb52c1276c8a5ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2IYt6/c/e1MNqkQFb3wwdQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1285
x-fb-rlafr: 0
x-fb-debug: uqJl7LnKCh7h2w7ky54GwfuHC9o7n6e629Dx5nlfguIV0Z5t/8hwuYEOXko7q8CALnaQV1Vs/KyYYoo8MpM/2Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 07 Jan 2024 18:55:52 GMT

GET
H3 200 a0c8qga8Jsq.css
static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/ Frame 6693 6 KB
2 KB 29ms
22ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/a0c8qga8Jsq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e01a7b72d9a3b6befeff60011fda291e59c2d40d3a43c191f901e111352f6f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CsKph2EQyoTk69cJOaIF6w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1801
x-fb-rlafr: 0
x-fb-debug: nAm4nM7UcbKkQcHMS7GdzpWaJ5upFThnj37RJXn+dmioGPU2SmcybVUabaLf0tP4phygy3py/DlZaRp7hPIxLQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Jan 2024 17:10:43 GMT

GET
DATA 200
OK truncated
/ Frame 6693 516 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0592d1c43cb957f92dbb1ff08240a1c8faabc1eeb9e7186be2ce918dfd53da6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 ZhHx9Kpk0Ey.css
static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ Frame 6693 17 KB
4 KB 28ms
20ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ZhHx9Kpk0Ey.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab36197482cd2687f3101b72a2dac90158dd89bc96525b813716e373f305f7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Vv66MkV6G2go5hRDqSw0tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3941
x-fb-rlafr: 0
x-fb-debug: Td6J/8HV/sKU1e0X7Yqz7er8IFHUPFz5DDlZ9Htq9cIGg+Ik3hHPnvtRivegI/joswU6dhNvOBYloDd+NwRlGA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Fri, 29 Dec 2023 00:01:00 GMT

GET
H3 200 iJ74GuEjPmx.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ Frame 6693 39 KB
8 KB 31ms
23ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/iJ74GuEjPmx.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ad14eeb748eee6a429d326f2232cac4917e4a1d798126911407094f13ca0bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yyTfWzZpODOQ+bPkJuxuVg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8303
x-fb-rlafr: 0
x-fb-debug: rNJqxditdmr7678k8U8Q/aKfToJyZbSgMIgzdoo/2LWoMth5hYUZWmFqImgZqYbm6k3dlgSIWR0JD1UpdPLvxA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 01 Jan 2024 17:34:35 GMT

GET
H3 200 RWlia_03N0g.css
static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/ Frame 6693 23 KB
5 KB 32ms
23ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/RWlia_03N0g.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6eca1a574330e6c7e9393786778a2801ef56e45ce5576936858d79ff89306079

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZTHJ/VGBNs0u4GHGXkcTPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5292
x-fb-rlafr: 0
x-fb-debug: 2mhCVCNZeIkqf/QzN4juSSJIqZ59PABvvGp+vDf8G5kw5Ee0rbcf9ya4J60HuJfxqEGxjfad2BmZgjmjYDsXXA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 08 Jan 2024 17:23:40 GMT

GET aSZHSTSawRj.js
static.xx.fbcdn.net/rsrc.php/v3iTWr4/yX/l/en_GB/ Frame 6693 0
0

GET
H3 200 5Efu-Dd9ERG.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame 6693 33 KB
6 KB 44ms
33ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fl5R7gBdn+7q3joF/eO71w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6398
x-fb-rlafr: 0
x-fb-debug: E4nrTA6bXNwl091JSPICC7DWE+cUXTOAD3qkGKRMPuX0uWhFCcw5d1DeSOsh4bJpWTV9IMxLTL6h4L4r6p2N5Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Dec 2023 18:08:06 GMT

GET ek0SDUFa3HY.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame 6693 0
0

GET 4Mu2lW6i1B1.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 6693 0
0

GET OJQ8gpx7BBG.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 6693 0
0

GET 3wX2w-O_9zc.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame 6693 0
0

GET 2f61oWyjOj5.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 6693 0
0

GET 64zQg4vqE4h.js
static.xx.fbcdn.net/rsrc.php/v3ibcU4/yt/l/en_GB/ Frame 6693 0
0

GET v-jiNzKyf8Y.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 6693 0
0

GET zYOdBeToBPP.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 6693 0
0

GET yC-4X5wyzhE.js
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 6693 0
0

GET kMT57KHo5td.js
static.xx.fbcdn.net/rsrc.php/v3i30-4/y1/l/en_GB/ Frame 6693 0
0

GET C8hbKUiuCgi.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 6693 0
0

GET XeCx9gP9WBh.js
static.xx.fbcdn.net/rsrc.php/v3iKw34/y8/l/en_GB/ Frame 6693 0
0

GET smKzmPnmZ-7.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame 6693 0
0

GET DyS_QgJoRDC.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame 6693 0
0

GET McdQ29v_8qn.js
static.xx.fbcdn.net/rsrc.php/v3iKOx4/yJ/l/en_GB/ Frame 6693 0
0

GET eCXpduaJ45n.js
static.xx.fbcdn.net/rsrc.php/v3impS4/yb/l/en_GB/ Frame 6693 0
0

GET h8ulkmpky8f.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 6693 0
0

GET OaQb38zu6WS.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 6693 0
0

GET BqEjD1dj1pL.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 6693 0
0

GET RZxjkupmopI.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 6693 0
0

GET ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 6693 0
0

GET
H3 200 /
www.facebook.com/login/ Frame 6693 0
0 121ms
95ms Document
text/html 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv14.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1a4ce917457448%2526domain%253Dwww.blackhatrussia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blackhatrussia.com%25252Ff2f592a3c20df0c%2526relation%253Dparent.parent%26container_width%3D360%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblackhatrussiaofficial007%26locale%3Den_GB%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a4ce917457448%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 11 Jan 2023 02:11:15 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 9NWVgEQmm8TRiUAAnfaPVXl+3TOobhXHYQAQthwKIhrs7hNKTLRWwKdsXoy8vkcytMI/veXegPj2k5V6XTo38w==
x-frame-options: DENY
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11C2 0
20 B 44ms
43ms Ping
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoPCAEqC2xlYWRlcmJvYXJkCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMwoNECshAAAAAAAAWUAwBAoNEAMhAAAAzcyggEAwBAoNEAohAAAAgGZmNkAwBAoNEA0hAAAAAAAAAAAwBAoOEB4qCDEwMDV4MTI0MAQKDhAZKggxMDA1eDEyNDAECg0QDiEAAAAAoJm5PzAECg0QBCEAAADNzGSBQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAIBfQDAECg0QBSEAAAAAAGyBQDAECg0QECEAAAAAAL6xQDAECg0QESEAAAAAQCTTQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAACamRGEQDAECg0QFCEAAAAAIJviQDAECg0QFSEAAAAAAAAmQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAADNzHyEQDAECg0QMiEAAAAAzsz0PzAECg0QMyEAAAAAzsz0PzAECg0QNCEAAAAAzsz0PzAECg0QNSEAAAAAzsz0PzAECg0QNiEAAAAAzsz0PzAECg0QNyEAAAAAzsz0PzAECg0QOCEAAACAZmYSQDAECg0QOSEAAABgZmY4QDAECg0QOiEAAADgzMw5QDAECg0QOyEAAAAzMwOEQDAECg0QPCEAAAAzMwOEQDAECg0QPSEAAACamRGEQDAECg0QPiEAAACamRGEQDAECg0QPyEAAACamRGEQDAECg0QQCEAAADNzKCEQDAEEhpDSi1UMVoyNHZ2d0NGVU9sbWdvZHVQRU1tdyIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1522be3fab9b5e46de5cf3e17a8f5154.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 t7_arXa8eSS.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame D7E0 18 KB
5 KB 26ms
24ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/t7_arXa8eSS.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e67e63d75cf6e60ad0c2abe2ac0eb45dea806e36fd5c441a50dd9db7b54d3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2/33cV905auNljb0IH/8iA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4692
x-fb-rlafr: 0
x-fb-debug: Y0jEusivRptVAdat8oCmMo5oW+K54Ao6n/S+L0lWsmNlU06JAyhfFma/QFm93DaTfv3icjhYShXQdGusDJOSWA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 31 Dec 2023 18:33:07 GMT

GET
DATA 200
OK truncated
/ Frame D7E0 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 I91dQtKCqtJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame D7E0 4 KB
1 KB 31ms
23ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/I91dQtKCqtJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35038446d0cae0d4cf68472310f8c4e3775f84d4a6c51036fb52c1276c8a5ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2IYt6/c/e1MNqkQFb3wwdQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1285
x-fb-rlafr: 0
x-fb-debug: uqJl7LnKCh7h2w7ky54GwfuHC9o7n6e629Dx5nlfguIV0Z5t/8hwuYEOXko7q8CALnaQV1Vs/KyYYoo8MpM/2Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 07 Jan 2024 18:55:52 GMT

GET
H3 200 a0c8qga8Jsq.css
static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/ Frame D7E0 6 KB
2 KB 34ms
25ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/a0c8qga8Jsq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e01a7b72d9a3b6befeff60011fda291e59c2d40d3a43c191f901e111352f6f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CsKph2EQyoTk69cJOaIF6w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1801
x-fb-rlafr: 0
x-fb-debug: nAm4nM7UcbKkQcHMS7GdzpWaJ5upFThnj37RJXn+dmioGPU2SmcybVUabaLf0tP4phygy3py/DlZaRp7hPIxLQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Jan 2024 17:10:43 GMT

GET
DATA 200
OK truncated
/ Frame D7E0 516 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0592d1c43cb957f92dbb1ff08240a1c8faabc1eeb9e7186be2ce918dfd53da6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 ZhHx9Kpk0Ey.css
static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ Frame D7E0 17 KB
4 KB 32ms
24ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ZhHx9Kpk0Ey.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab36197482cd2687f3101b72a2dac90158dd89bc96525b813716e373f305f7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Vv66MkV6G2go5hRDqSw0tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3941
x-fb-rlafr: 0
x-fb-debug: Td6J/8HV/sKU1e0X7Yqz7er8IFHUPFz5DDlZ9Htq9cIGg+Ik3hHPnvtRivegI/joswU6dhNvOBYloDd+NwRlGA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Fri, 29 Dec 2023 00:01:00 GMT

GET
H3 200 iJ74GuEjPmx.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ Frame D7E0 39 KB
8 KB 35ms
27ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/iJ74GuEjPmx.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ad14eeb748eee6a429d326f2232cac4917e4a1d798126911407094f13ca0bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yyTfWzZpODOQ+bPkJuxuVg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8303
x-fb-rlafr: 0
x-fb-debug: rNJqxditdmr7678k8U8Q/aKfToJyZbSgMIgzdoo/2LWoMth5hYUZWmFqImgZqYbm6k3dlgSIWR0JD1UpdPLvxA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 01 Jan 2024 17:34:35 GMT

GET
H3 200 RWlia_03N0g.css
static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/ Frame D7E0 23 KB
5 KB 38ms
31ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/RWlia_03N0g.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6eca1a574330e6c7e9393786778a2801ef56e45ce5576936858d79ff89306079

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZTHJ/VGBNs0u4GHGXkcTPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5292
x-fb-rlafr: 0
x-fb-debug: 2mhCVCNZeIkqf/QzN4juSSJIqZ59PABvvGp+vDf8G5kw5Ee0rbcf9ya4J60HuJfxqEGxjfad2BmZgjmjYDsXXA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 08 Jan 2024 17:23:40 GMT

GET
H3 200 aSZHSTSawRj.js Show response
static.xx.fbcdn.net/rsrc.php/v3iTWr4/yX/l/en_GB/ Frame D7E0 16 KB
5 KB 40ms
32ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iTWr4/yX/l/en_GB/aSZHSTSawRj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6dce12d20a02bdf4a53d4e141f645a57f999eeb9b1e53cd77c73ec9e9d242c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9BCyr2/bE89U3kLFcTekHg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5164
x-fb-rlafr: 0
x-fb-debug: YDio2gRbhECfN28dV3GaZaVPQ4uFd8VCY9GBY5X6MIUDyYM3lr4cV18Ct5pAlWKHaEwKyPmgHMM+bg7HZfoM9A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Jan 2024 17:31:22 GMT

GET
H3 200 5Efu-Dd9ERG.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame D7E0 33 KB
6 KB 44ms
37ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fl5R7gBdn+7q3joF/eO71w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6398
x-fb-rlafr: 0
x-fb-debug: E4nrTA6bXNwl091JSPICC7DWE+cUXTOAD3qkGKRMPuX0uWhFCcw5d1DeSOsh4bJpWTV9IMxLTL6h4L4r6p2N5Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Dec 2023 18:08:06 GMT

GET
H3 200 ek0SDUFa3HY.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame D7E0 61 KB
16 KB 46ms
39ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ek0SDUFa3HY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

640c1c9b54961c2788bdfe8b114268aa69cd7aca4fe82aa8530cadbd7c164d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gyDcGpe7x1hNrRj3tk2QzQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16218
x-fb-rlafr: 0
x-fb-debug: j3uOO7DWNlXPZhVD9R3q9Q4+CgxbqR9q93kQICWackysRfR60SCFSijVYou2K5VoL1RiKbD7d7qFQQ12VwYO6A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Tue, 09 Jan 2024 22:25:56 GMT

GET
H3 200 4Mu2lW6i1B1.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame D7E0 8 KB
3 KB 49ms
41ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/4Mu2lW6i1B1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e64da46ace72a8f3464880f0ee884675137c404432ee3685a467d675b3cf18bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0PeKM3DhxvGziuqrCXLZUw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2736
x-fb-rlafr: 0
x-fb-debug: z2x1DYLqwRptYvxoeeLXjD8cXvktudv1yJTBojNawH/+QVC1FTZM/pitR9ybUWnyaAevBpFZCAGJtIFnPJiyNA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Dec 2023 23:10:30 GMT

GET
H3 200 OJQ8gpx7BBG.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame D7E0 11 KB
4 KB 47ms
41ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/OJQ8gpx7BBG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f74b1ba072844222702e7b1c2aa5e74ac34c69d4ec3563de0bfe847fd5b4b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nVwHcTKYFPpEVV5wNRzR0w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3891
x-fb-rlafr: 0
x-fb-debug: EgaiaNNNseZlUf5kH9F1nR5RxftYeV/iIwjMhxkdIVoQsMLpKlOLKKiSJFZjdT3uXlNg5932TpNmSVZ7J6S8TA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 10 Jan 2024 17:07:42 GMT

GET
H3 200 3wX2w-O_9zc.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame D7E0 3 KB
1 KB 49ms
42ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5180e76115ebb9ef78950d34426aabe5ec6b1acd59a5f09b7291787ad3fa23aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uV7JGgDrmsxMpOSKdw+Y9Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1243
x-fb-rlafr: 0
x-fb-debug: SwdX0q/u6y3VU/k+gX0rTKhjKzWS01YfnuA4h9erxIOsFXzSYqeqzYvDMRi68LG341x1GEOAams3NbUeJ/HQdA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Dec 2023 22:54:50 GMT

GET
H3 200 2f61oWyjOj5.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame D7E0 14 KB
5 KB 51ms
45ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f6a6fda1fdc0a8a8ba1494660498fd978611bf1046409dd648cb7829716f5b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LzvT9doqy1WCjF3O/eiidA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5358
x-fb-rlafr: 0
x-fb-debug: o+JjMNJ3EIEZzQ6h0woRgVFLJvvr4pGqzX4rECLO3++c1wtiSrKAy/dqQPkgyFc4Z5jB+33rmjpn4omCBl6MxQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Jan 2024 17:41:43 GMT

GET
H3 200 64zQg4vqE4h.js Show response
static.xx.fbcdn.net/rsrc.php/v3ibcU4/yt/l/en_GB/ Frame D7E0 23 KB
7 KB 52ms
45ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ibcU4/yt/l/en_GB/64zQg4vqE4h.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46cc4c97b829990f5c52fa98976d9ca6edf49e1b382862d5475c473145189f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1phX70vo+SBiLeJDbtu+gw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6712
x-fb-rlafr: 0
x-fb-debug: 72XxIVuYgiHisz9xa1rRJbtCOOvFZNzFLpOy+CHIQ6a5NqyKZTI9Qneg22FbKh6IvrJtjZKlB0AN8nW3P/cVIA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 05 Jan 2024 18:22:11 GMT

GET
H3 200 v-jiNzKyf8Y.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame D7E0 35 KB
9 KB 52ms
46ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/v-jiNzKyf8Y.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40165464d0480a04dee0097ab6c7d2a4f9c55f015f10d4d8bd61866350f60be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HX+wPTGnemd7bszfPsqd9A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9332
x-fb-rlafr: 0
x-fb-debug: u9tCMINV2LYhSfdgqaugr5Ay3qbNmnS3k054SAiH5O8dCFXBycj3Ge/CNzi4P3zv3ymgB6WKqM0gpHr1P2Wx2A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 04 Jan 2024 03:39:25 GMT

GET
H3 200 zYOdBeToBPP.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame D7E0 287 KB
61 KB 54ms
48ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/zYOdBeToBPP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

264baa03bd9e863a79e9915997569b4683bc42d14bbb4cf1e211785ba00b3807

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8ZfauJrPVam+tjF1/pA/9g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 62656
x-fb-rlafr: 0
x-fb-debug: 4czKlHNd2ohW4kKGVehErGpnpd06d3Ah5Xy5aRVq72DchNXukuaI/qvljbx4vS910DfI6rSje20c/NOni5EoOg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 01 Jan 2024 16:49:57 GMT

GET
H3 200 yC-4X5wyzhE.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame D7E0 41 KB
11 KB 55ms
49ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/yC-4X5wyzhE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

515ede607a371ac0bddfcea4e9ce6f528ee229dc574dd4ca5a30712cdb554649

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Mb79SLajSfBnDkaFvMzgMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11651
x-fb-rlafr: 0
x-fb-debug: mmJQ5n3QhzR5/aIQGrq9cY9DbVPCt/21sCqSUnYQlzMURRBtMnXP99nFXuDBSiVHdQ3tXyj0Ec/6J2E7BtE6Vg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Jan 2024 22:26:07 GMT

GET
H3 200 kMT57KHo5td.js Show response
static.xx.fbcdn.net/rsrc.php/v3i30-4/y1/l/en_GB/ Frame D7E0 424 KB
99 KB 55ms
50ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i30-4/y1/l/en_GB/kMT57KHo5td.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4abdd9dd13f76f5b41694dd323088a892418dc5f97294f97a1ecb0a454b8e017

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zTYK1siKiojFwsSsq/wMVA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 101379
x-fb-rlafr: 0
x-fb-debug: lpQv4q6YOEGjk47I00K/BZzYZn4Xj0cualWnzo7Dfr9jm/78KJ0HMynFZzg5X5kl9iE5O4UoiO9mxOPeEQsdjg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 06 Jan 2024 07:04:44 GMT

GET
H3 200 C8hbKUiuCgi.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame D7E0 11 KB
4 KB 65ms
60ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/C8hbKUiuCgi.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb7f6e1486453d58409d542e4822f5d950eea4a9465ba9fead09fcb2c8ebdae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: j8waFmx0KszZbUVlzw+m+A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3575
x-fb-rlafr: 0
x-fb-debug: 9m/wFMY2i7ySlSVA0aycI6eCmN+hJLyEe+SirJ0O2PeNP4idtr2SMoi92wkzFXrCFfXLxCsEnMox2QafgalOkA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Tue, 09 Jan 2024 18:56:41 GMT

GET
H3 200 XeCx9gP9WBh.js Show response
static.xx.fbcdn.net/rsrc.php/v3iKw34/y8/l/en_GB/ Frame D7E0 43 KB
13 KB 66ms
61ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iKw34/y8/l/en_GB/XeCx9gP9WBh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9349ad507ed6ca736793df7e59c7f6c4957070a8f1b96400cd329d13d27dad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2c7Nleg7co7G7SuZEDXMdw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13148
x-fb-rlafr: 0
x-fb-debug: JcrpCYc3q66so4VHPRhgsBzydMxtfvyXBrjgeqhw0vbr+tB2IiOQwfMK0rcaw8EwOj7Gp7A5R5wPa2mmza9kjA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 05 Jan 2024 15:10:23 GMT

GET
H3 200 smKzmPnmZ-7.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame D7E0 344 KB
75 KB 117ms
112ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/smKzmPnmZ-7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ecfb75e22f818b951efebc894f3071187a0982c2921f7f5f894b9b5e8ca4351d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wIWh/Q7I0WCml2pvdS8nmg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76790
x-fb-rlafr: 0
x-fb-debug: M6v42yxS3Pl7DYLgVs+C9icpcjpwVxLqldikNivqIwWCkSnE59axl1RFmmKuPoNt73HRlq3wO+OSjhvZxOOYeA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Jan 2024 23:47:59 GMT

GET
H3 200 DyS_QgJoRDC.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame D7E0 102 KB
27 KB 118ms
114ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/DyS_QgJoRDC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ad34201d4c41639d502a2c6750ea9d7b546a1843be8bd3599689a62e391bf3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2IH91zB/Nd6G+k9aP4Ks8g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27381
x-fb-rlafr: 0
x-fb-debug: 8FGhdqqYkT7Xp4ICASl0eQo2oWlgU1b6Qo3D4Sx8T3O0mYY+gVQ2MPLmIL67zd9fptrPgRJ1/gqXzxIMYphssQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Jan 2024 00:02:24 GMT

GET
H3 200 McdQ29v_8qn.js Show response
static.xx.fbcdn.net/rsrc.php/v3iKOx4/yJ/l/en_GB/ Frame D7E0 188 KB
41 KB 112ms
108ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iKOx4/yJ/l/en_GB/McdQ29v_8qn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b71bf9cacb58184608d2d7a32df54f121634e541e4d110d5d10b05ebf1b57f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: IvlgM69S9hDkMx3QLUgjZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 41888
x-fb-rlafr: 0
x-fb-debug: gQhGPA1nPHdHk7fQiRKxgq97IZEfxRKtJwr+ar/gxsEa0xFPjFyrSyGZD/hbmg5Jnk2Yu1s/ipv/0ylUYW/dEw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1,i
expires: Fri, 05 Jan 2024 14:06:36 GMT

GET
H3 200 eCXpduaJ45n.js Show response
static.xx.fbcdn.net/rsrc.php/v3impS4/yb/l/en_GB/ Frame D7E0 334 KB
78 KB 66ms
61ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3impS4/yb/l/en_GB/eCXpduaJ45n.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

369247e6f5db79743e426de4bc85cc8c88b06b8cd99101549dcc4405299641f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9Le0FaWRPi08q+4NcZBbPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 79532
x-fb-rlafr: 0
x-fb-debug: aLthWKqYIzd0UXcNF8DeCBAB7X3/oGP5V4tWL5EgGYoGt7tF/5SdzJYhCvq6PXo7gT7U4mw+cFhN55yKR7PXxQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Tue, 09 Jan 2024 21:58:18 GMT

GET
H3 200 h8ulkmpky8f.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame D7E0 55 KB
15 KB 108ms
103ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lbhbphR1BNPxW6RqDJiiow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15174
x-fb-rlafr: 0
x-fb-debug: ORxiZ6BYgc2G15nV9kWJ1r03QmaHv1yiYfLBfVncUPaVN5jlUW138SQ5QXhqkPZFb44Z3vQNZM8jgxS4pHphzw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Tue, 09 Jan 2024 23:47:58 GMT

GET
H3 200 OaQb38zu6WS.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame D7E0 305 KB
60 KB 118ms
114ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/OaQb38zu6WS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7df5b6c8239ea246e7da0f5cf477856f979b15304314943651fc486d7fb191c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: w8Q1DCqRRYh7rzj+zfTB8w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 61252
x-fb-rlafr: 0
x-fb-debug: XDzL7o59wltq/GepbvK1my9y5vb0M+g9TFs4CWD8gOZQCzPvvwta4bNOn1kdWUbMlSiDXUU1S4oLR7p/25sljQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Jan 2024 02:14:07 GMT

GET
H3 200 BqEjD1dj1pL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame D7E0 840 B
419 B 109ms
104ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uknKQ5sJ+8vBWLiIBWWBIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 356
x-fb-rlafr: 0
x-fb-debug: dQ/Boq0YZ/7kNZDGPynEvQ08FmGsnKykZidJm7TSPrX2/s1/FGRQAl9rNydFNwKNCo81RBuxKzovykpL2/xC9g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Tue, 09 Jan 2024 19:42:38 GMT

GET
H3 200 RZxjkupmopI.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame D7E0 10 KB
3 KB 110ms
106ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/RZxjkupmopI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7eb42b5e9047e099b2ea68e3fe3c35b8d3ff0c89262653d977c289262bf768c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lBs9twY1rXDc5qMe5rrNXg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2615
x-fb-rlafr: 0
x-fb-debug: mLlKiRoYrRML7rKb2nBeVQ27R8w+6gUqjPwI/w9eM15b74HyrbAQ/zKwqzZwIgY3xsdltuPMavpTw/Eel4K10g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 03 Jan 2024 16:46:21 GMT

GET
H3 200 ie38mp0O07P.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame D7E0 25 KB
10 KB 118ms
114ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CEYVgZg04j7erS0ub7sNsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10390
x-fb-rlafr: 0
x-fb-debug: Zj8YPhWfX8epBzUz70iugyqUPZOZNia2eQ8SMwMSTzTYJIXdZa5dzGVRkRJzte1yiUVKrwH5UGBZeKbZ8Jqouw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 07 Jan 2024 10:04:14 GMT

GET
H3 200 /
www.facebook.com/login/ Frame D7E0 0
0 83ms
83ms Document
text/html 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv14.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df145371adf0519%2526domain%253Dwww.blackhatrussia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blackhatrussia.com%25252Ff2f592a3c20df0c%2526relation%253Dparent.parent%26container_width%3D263%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblackhatrussiaofficial007%26locale%3Den_GB%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/wtmvR9r7LW5.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df145371adf0519%26domain%3Dwww.blackhatrussia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blackhatrussia.com%252Ff2f592a3c20df0c%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblackhatrussiaofficial007&locale=en_GB&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 11 Jan 2023 02:11:15 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: pNH7lrf2tfeJgcEooYtdmY1o0cSQOo83ffH2n93uBC7TZA91XuCvrnhi3+FOAB72YPr4hmndf0PfWOcg43kUhA==
x-frame-options: DENY
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F91E 0
20 B 41ms
41ms Ping
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoRCAEqDXRvd2VyMi1zcXVhcmUKCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAzCg0QKyEAAAAAAAAuQDAECg0QAyEAAAAAAIh1QDAECg0QDSEAAAAAAAAAADAECgkQHioDMHgwMAQKCRAZKgMweDAwBAoNECshAAAAAAAAMkAwBAoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAAEAk00AwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAAAAZmaOeEAwBAoNEBQhAAAAAEAk00AwBAoNEBUhAAAAAAAAIkAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAAmpn1gkAwBBIaQ0o2VDFaMjR2dndDRlVPbG1nb2R1UEVNbXciEmdwYS9tYXhpbWFsX3YxX29jaCgM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1522be3fab9b5e46de5cf3e17a8f5154.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 1563 36 KB
16 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 20:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 20:48:45 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F7E2 42 B
64 B 43ms
43ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHEUnMLAlP5Vk6T3jnBjmtSdAAuIC-7twkqMiJJ9jN2yxu-7u2i2lL2zCy0PhGitF7xCeQj9CFCQnstHIBCc4200upfPLvV7OBLeEh8rYFFzwT-wfqRCUH45iXbGn6Twuz0nA&sai=AMfl-YQg3U-DqP_QOPg9yTr9XC0k5XliCkBQP8JhDTtmx0LN8Aj15VCU3YtHsW30Nk6HL0lHfG3LhkQVzdkvG4Q&sig=Cg0ArKJSzPNN95OXA682EAE&cid=CAQSGwDq26N90flkcBg6Yy68DJaKvQF7MyNz2ZpzexgBIBM&id=lidar2&mcvt=1041&p=0,0,600,300&mtos=1041,1041,1041,1041,1041&tos=1041,0,0,0,0&v=20230109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2449921201&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673403072743&rpt=1454&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST bz
www.facebook.com/ajax/ Frame D7E0 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 11C2 42 B
64 B 47ms
46ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDCkE8hdM0M3wKarT3-uzfsNAdF0qMEncjCUro3kZvBNQPzgSULrj3mdIr3_rEzAepMeOCL95yB4STBv14OuFML2GlINXc3UNH_HDpQ6-r7D-NwE-kzyKv0PTO6aNDwrOvNKA&sai=AMfl-YQ2ApL3w7bOTbmt2cpRqkqgGa8ebwCXg-_V9saoWRvMaAIpBTAHpxxnu5VGQV6-y5tVD0JI1SSe_qwj28U&sig=Cg0ArKJSzIFlRKBhpleeEAE&cid=CAQSGwDq26N9jBCdoCR-lo_88fpjDR5dyU3kmQuIeRgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=341,1000,1000,1000,1000&tos=341,659,0,0,0&v=20230109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673403074126&rpt=656&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Jan 2023 02:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 45ms
44ms Image
image/gif 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=5.895131078968831

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-BzJw4NwANN2q2LLDUfF8yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-BzJw4NwANN2q2LLDUfF8yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 63ms
62ms Image
image/gif 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.4063603059920393

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sWzHDQRc5aQ5clGPxS6UIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-sWzHDQRc5aQ5clGPxS6UIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXlpDCmSzluPASmyA4Zl-gRHairoD0GKu2pgv4oZcPIhKh7ocvHCbqqkMwEoVAlispp8K3-aLN84B_DkURvfuoTkIcgSTzR-X-vqCEiNShYpYK3oSXxCDSnbBWqLAx52C6fPkLQUw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
44ms XHR
text/html 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXlpDCmSzluPASmyA4Zl-gRHairoD0GKu2pgv4oZcPIhKh7ocvHCbqqkMwEoVAlispp8K3-aLN84B_DkURvfuoTkIcgSTzR-X-vqCEiNShYpYK3oSXxCDSnbBWqLAx52C6fPkLQUw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RCnCiLfTZgnul9X6tA_LdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 02:11:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-RCnCiLfTZgnul9X6tA_LdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.blackhatrussia.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 00D0 0
289 B 26ms
25ms Image
text/plain 104.64.213.153
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgACGO%252BGsEAAAAIJhgRAw%253D%253D&tt=t.dhj&dhjLcy=1673403073209&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1109.23349&ell=d&cck=__stid&dmn=www.blackhatrussia.com&pn=%2F504-jps-virus-maker.html&qs=na&rdn=www.blackhatrussia.com&rpn=%2F504-jps-virus-maker.html&rqs=na&cc=CA&cont=NA&evid=TNImeWYAYTZz-dVj04M6&urls=!1!431!b-13j,!1!828!b-13h,!1!537!b-14s,!1!0!b-14t,!1!671!b-150,!1!521!b-16f&rnd=1673403076384&cid=c010&version=1.1109.23349&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=98

Requested by

Host: www.blackhatrussia.com
URL: https://www.blackhatrussia.com/504-jps-virus-maker.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.213.153 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-213-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1109.23349&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Jan 2023 02:11:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Wed, 11 Jan 2023 02:11:16 GMT

GET
H3 200 _=300x250;.ads_clickthru._ads.cms Show response
fundingchoicesmessages.google.com/f/AGSKWxUrD0B12bad0mm8Hh0r5vuCjBdZP-JSLJ4dZeK7qnkMo0e7a6Qd53Y41fBiR_hZRCR6-ZluewuhFr_SmVwLH6XfqoSg355XK-UWsybiX1PG0X_Gu_kLneizvYLNAh75I0cWhwnQWf2KjX6RmjS1O0AcOEgED... 54 B
110 B 46ms
46ms Script
application/javascript 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUrD0B12bad0mm8Hh0r5vuCjBdZP-JSLJ4dZeK7qnkMo0e7a6Qd53Y41fBiR_hZRCR6-ZluewuhFr_SmVwLH6XfqoSg355XK-UWsybiX1PG0X_Gu_kLneizvYLNAh75I0cWhwnQWf2KjX6RmjS1O0AcOEgEDUGdage1FR762DtSgJK7IH2ztnBUvRA4/_=300x250;.ads_clickthru._ads.cms?-ads-placement.=adcode&

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VT-LD3ON2oY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwYB6mVTmg817Z643QMdafoxCDIQQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f0df59f73a1bc1e520618dabfb1b6c6ae8e8af125eb44c342dbb41f3c61fd2b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YCk3svKE4w1xnWc-Exm6nQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YCk3svKE4w1xnWc-Exm6nQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 20ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VT-LD3ON2oY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwYB6mVTmg817Z643QMdafoxCDIQQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:34:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Jan 2023 02:34:13 GMT

POST
H3 204 AGSKWxXlpDCmSzluPASmyA4Zl-gRHairoD0GKu2pgv4oZcPIhKh7ocvHCbqqkMwEoVAlispp8K3-aLN84B_DkURvfuoTkIcgSTzR-X-vqCEiNShYpYK3oSXxCDSnbBWqLAx52C6fPkLQUw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 42ms
42ms XHR
text/html 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXlpDCmSzluPASmyA4Zl-gRHairoD0GKu2pgv4oZcPIhKh7ocvHCbqqkMwEoVAlispp8K3-aLN84B_DkURvfuoTkIcgSTzR-X-vqCEiNShYpYK3oSXxCDSnbBWqLAx52C6fPkLQUw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sEn54RId0dXrr8GvH98lmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 02:11:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sEn54RId0dXrr8GvH98lmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.blackhatrussia.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXlpDCmSzluPASmyA4Zl-gRHairoD0GKu2pgv4oZcPIhKh7ocvHCbqqkMwEoVAlispp8K3-aLN84B_DkURvfuoTkIcgSTzR-X-vqCEiNShYpYK3oSXxCDSnbBWqLAx52C6fPkLQUw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 45ms
44ms XHR
text/html 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXlpDCmSzluPASmyA4Zl-gRHairoD0GKu2pgv4oZcPIhKh7ocvHCbqqkMwEoVAlispp8K3-aLN84B_DkURvfuoTkIcgSTzR-X-vqCEiNShYpYK3oSXxCDSnbBWqLAx52C6fPkLQUw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ndMkkhS4h5t_C3Sy2Slt9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 02:11:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ndMkkhS4h5t_C3Sy2Slt9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.blackhatrussia.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXlpDCmSzluPASmyA4Zl-gRHairoD0GKu2pgv4oZcPIhKh7ocvHCbqqkMwEoVAlispp8K3-aLN84B_DkURvfuoTkIcgSTzR-X-vqCEiNShYpYK3oSXxCDSnbBWqLAx52C6fPkLQUw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 48ms
48ms XHR
text/html 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXlpDCmSzluPASmyA4Zl-gRHairoD0GKu2pgv4oZcPIhKh7ocvHCbqqkMwEoVAlispp8K3-aLN84B_DkURvfuoTkIcgSTzR-X-vqCEiNShYpYK3oSXxCDSnbBWqLAx52C6fPkLQUw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1s2gQ0-stbLJl-83uhp9Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 02:11:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-1s2gQ0-stbLJl-83uhp9Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.blackhatrussia.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXlpDCmSzluPASmyA4Zl-gRHairoD0GKu2pgv4oZcPIhKh7ocvHCbqqkMwEoVAlispp8K3-aLN84B_DkURvfuoTkIcgSTzR-X-vqCEiNShYpYK3oSXxCDSnbBWqLAx52C6fPkLQUw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 45ms
45ms XHR
text/html 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXlpDCmSzluPASmyA4Zl-gRHairoD0GKu2pgv4oZcPIhKh7ocvHCbqqkMwEoVAlispp8K3-aLN84B_DkURvfuoTkIcgSTzR-X-vqCEiNShYpYK3oSXxCDSnbBWqLAx52C6fPkLQUw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8k_TPCjOvuoqQAyuAn0wMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 02:11:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8k_TPCjOvuoqQAyuAn0wMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.blackhatrussia.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxX6PH_iZUvWq0mMd5kl0ErDgu60j_-hPlaUtFe6RZqnvlumrSf1ePdepOlfHee725LenLY-dtsAxlYh5T8jdJTD96CuYiP7O8g_fg0UAx1GHRj_IatUU7a0e-govB7sF-ZEr9LBUA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 59ms
59ms Script
application/javascript 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX6PH_iZUvWq0mMd5kl0ErDgu60j_-hPlaUtFe6RZqnvlumrSf1ePdepOlfHee725LenLY-dtsAxlYh5T8jdJTD96CuYiP7O8g_fg0UAx1GHRj_IatUU7a0e-govB7sF-ZEr9LBUA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjczNDAzMDc2LDUxNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmJsYWNraGF0cnVzc2lhLmNvbS81MDQtanBzLXZpcnVzLW1ha2VyLmh0bWwiLG51bGwsW1s4LCJWVC1MRDNPTjJvWSJdLFs5LCJlbi1VUyJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f150d79cf5ac36281dbd69f413146da95d9e13e06412b9eae207c99ae080d40

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IA6-qpDxquKvtMOy-Ef2gQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.blackhatrussia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IA6-qpDxquKvtMOy-Ef2gQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW4VFtJXd6IBUrZ0ctq1ue6VDTN0oSIgEII8E_FeO5tjNEQ9Mfv7YR-T0VMCkIAzPB2zGbUZ0wBRNuZ8HkCKy33_HJths5L5P9nxesc9skJ7OyeTA3QPZ6wmRg3C3KpMfDFsETFvA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
43ms XHR
text/html 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW4VFtJXd6IBUrZ0ctq1ue6VDTN0oSIgEII8E_FeO5tjNEQ9Mfv7YR-T0VMCkIAzPB2zGbUZ0wBRNuZ8HkCKy33_HJths5L5P9nxesc9skJ7OyeTA3QPZ6wmRg3C3KpMfDFsETFvA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CDlKZ6YyV61lLw9V6lskgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blackhatrussia.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Jan 2023 02:11:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CDlKZ6YyV61lLw9V6lskgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.blackhatrussia.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: share.pluso.ru
URL: https://share.pluso.ru/pluso-like.js

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iTWr4/yX/l/en_GB/aSZHSTSawRj.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ek0SDUFa3HY.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/4Mu2lW6i1B1.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/OJQ8gpx7BBG.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3ibcU4/yt/l/en_GB/64zQg4vqE4h.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/v-jiNzKyf8Y.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/zYOdBeToBPP.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/yC-4X5wyzhE.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i30-4/y1/l/en_GB/kMT57KHo5td.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/C8hbKUiuCgi.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iKw34/y8/l/en_GB/XeCx9gP9WBh.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/smKzmPnmZ-7.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/DyS_QgJoRDC.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iKOx4/yJ/l/en_GB/McdQ29v_8qn.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3impS4/yb/l/en_GB/eCXpduaJ45n.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/OaQb38zu6WS.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/RZxjkupmopI.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=0&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0ny0RE2Jw8W1uwc-0pa0h-0Lo6-0iq&__hs=19368.BP%3Aplugin_default_pkg.2.0.0.0.0&__hsi=7187211473157246714&__req=3&__rev=1006804047&__s=%3A%3Abjl679&__sp=1&__user=0&dpr=1&jazoest=21822&locale=en_GB&lsd=va0gjI7HM5hD9Jr7p8y9fd

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=0&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0ny0RE2Jw8W1uwc-0pa0h-0Lo6-0iq&__hs=19368.BP%3Aplugin_default_pkg.2.0.0.0.0&__hsi=7187211473157246714&__req=4&__rev=1006804047&__s=%3A%3Abjl679&__sp=1&__user=0&dpr=1&jazoest=21822&locale=en_GB&lsd=va0gjI7HM5hD9Jr7p8y9fd

Verdicts & Comments Add Verdict or Comment

380 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/ttd	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
i.liadm.com/s	1970-01-20 09:33:15	Name: _li_ss Value: CgsKCQj_____BxCWFA
www.blackhatrussia.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: bq6k8srjuu6e1jhs37t5lpf9t7
.blackhatrussia.com/	1970-01-20 18:11:39	Name: __gads Value: ID=cb79c15324a207b8-222818135cda00f7:T=1673403072:RT=1673403072:S=ALNI_MbAFem9FfPT1qLgSk_wyLuHeHltPg
.blackhatrussia.com/	1970-01-20 18:11:39	Name: __gpi Value: UID=00000906f44435ec:T=1673403072:RT=1673403072:S=ALNI_MZHAsbA2EEpzV9XQwttH8-Te99ZSQ
.dtscout.com/	1970-01-20 08:50:08	Name: m Value: 1
.dtscout.com/	1970-01-20 08:50:06	Name: st Value: 1
.dtscout.com/	1970-01-20 08:50:17	Name: oa Value: 1
.dtscout.com/	1970-01-20 11:14:03	Name: df Value: 1673403072
.dtscout.com/	1970-01-20 10:58:12	Name: l Value: 104016734030727C3CB4B241B197F171
.blackhatrussia.com/	1970-01-20 10:55:19	Name: __dtsu Value: 104016734030727C3CB4B241B197F171
.blackhatrussia.com/	1970-01-20 08:50:03	Name: lotame_domain_check Value: blackhatrussia.com
.sharethis.com/	1970-01-20 17:35:39	Name: __stid Value: ZHgACGO+GsEAAAAIJhgRAw==
.sharethis.com/	1970-01-20 17:35:39	Name: __stidv Value: 2
.dtscdn.com/	1970-01-20 13:07:48	Name: uid Value: 104016734030727C3CB4B241B197F171
.onaudience.com/	1970-01-20 17:35:39	Name: cookie Value: 25f874b7f2b4a1e8
.onaudience.com/	1970-01-20 08:51:29	Name: done_redirects147 Value: 1
.t.sharethis.com/	1970-01-20 09:10:12	Name: pxcelPage_default_c010_C Value: 1_0_1673403073383
.ml314.com/	1970-01-20 17:35:39	Name: pi Value: 3632800557477920817
.doubleclick.net/	1970-01-20 18:26:03	Name: IDE Value: AHWqTUmubIUxOqW1cuoqWhRiIzW3rEWk1PpKvgJOIt5ixWOvsWCRYx8iwzALYnykIxI
.doubleclick.net/	1970-01-20 08:50:03	Name: test_cookie Value: CheckForPermission
.adsrvr.org/	1970-01-20 17:35:39	Name: TDID Value: 70484889-ebba-4b5c-9c7f-1555ae41aa31
.eyeota.net/	1970-01-20 17:35:39	Name: mako_uid Value: 1859e9883d8-fde0000010a496e
.eyeota.net/	1970-01-20 08:50:03	Name: SERVERID Value: 18798~DM
.lijit.com/	1970-01-20 17:35:39	Name: ljt_reader Value: F91DiSZHA67WiadrRb22rX0O
.bluekai.com/	1970-01-20 13:10:41	Name: bku Value: +rQ991WSFZ1wvQLS
.onaudience.com/	1970-01-20 08:51:29	Name: done_redirects104 Value: 1
.rlcdn.com/	1970-01-20 10:16:27	Name: pxrc Value: CMG1+J0GEgUI6AcQABIFCNtOEAA=
.crwdcntrl.net/	1970-01-20 15:18:51	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 15:18:51	Name: _cc_id Value: 2098dff33ee36f692f526484e827eb51
.simpli.fi/	1970-01-20 17:37:05	Name: suid Value: E037D6C2FD6C4E128B5E17BAD4951555
.liadm.com/	1970-01-20 18:26:03	Name: lidid Value: 75143ef0-306d-4925-a526-4eb1bac5ecf4
.intentiq.com/	1970-01-20 18:26:03	Name: IQver Value: 1.9
.adsymptotic.com/	1970-01-20 10:59:39	Name: U Value: bd0e3f95974247110e924d7b56e89ddc
.tynt.com/	1970-01-20 17:35:39	Name: uid Value: CoIKS2O+GsFF77GoNl5ZAg==
.lijit.com/	1970-01-20 17:35:39	Name: _ljtrtb_2 Value: E037D6C2FD6C4E128B5E17BAD4951555
.onaudience.com/	1970-01-20 08:51:29	Name: done_redirects161 Value: 1
.lijit.com/	1970-01-20 17:35:39	Name: _ljtrtb_5014 Value: bd0e3f95974247110e924d7b56e89ddc
.tynt.com/	1970-01-20 10:59:39	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1673403074249%7D%2C%7B%22p%22%3A%221d819f216e%22%2C%22f%22%3A1%2C%22ts%22%3A1673403074249%7D%2C%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1673403074249%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1673403074249%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1673403074249%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1673403074249%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1673403074249%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1673403074249%7D%5D
.onaudience.com/	1970-01-20 08:51:29	Name: done_redirects252 Value: 1
.go.affec.tv/	1970-01-20 17:35:39	Name: ck Value: 63be1ac2d218770001007889
.go.affec.tv/	1970-01-20 17:35:39	Name: oo Value: 1
.tapad.com/	1970-01-20 10:16:27	Name: TapAd_TS Value: 1673403074526
.tapad.com/	1970-01-20 10:16:27	Name: TapAd_DID Value: a7f353b7-4fc7-4dc6-8773-491fc0d2c371
.33across.com/	1970-01-20 17:35:39	Name: 33x_ps Value: u%3D212075679467131%3As1%3D1673403074558%3Ats%3D1673403074558
.lijit.com/	1970-01-20 17:35:39	Name: ljtrtb Value: eJwNyjEWgCAIANC7MDcAgkhbph3EsEv0unsuf%2FovMOzQMVnLJ18L6cSlaierRxNXUlXYQJFkzRE40%2BPqJixGhNNZwobmWTzihu8HAlQTiQ%3D%3D
.lijit.com/	1970-01-20 17:35:39	Name: _ljtrtb_5001 Value: 2098dff33ee36f692f526484e827eb51
.yahoo.com/	1970-01-20 17:36:00	Name: A3 Value: d=AQABBMIavmMCEAUbm1iffRrPPaLzDsMLMUwFEgEBAQFsv2PHYwAAAAAA_eMAAA&S=AQAAAmuDsxnG6jOrs0v2ck8glVw
.zeotap.com/	1970-01-20 17:35:39	Name: zc Value: d4692cd3-2dad-4029-411c-5e55e5a61af0
.bluekai.com/	1970-01-20 13:09:15	Name: bkdc Value: phx
.rlcdn.com/	1970-01-20 17:35:39	Name: rlas3 Value: 0boIYpK9kTcek6vVfCt0isgG9MqDc4E5MtMHYKmtEHI=
.adnxs.com/	1970-01-20 10:59:39	Name: uuid2 Value: 2528948850074157157
.adnxs.com/	1970-01-20 10:59:39	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2HbzvWV4q!@wnf-Te9(>wL5L!!'_+$qJ_(
www.blackhatrussia.com/	1970-01-20 17:35:39	Name: LTFSESSID Value: b93t3vhkiq4dri9qku3c69hkd2
.analytics.yahoo.com/	1970-01-20 17:35:39	Name: IDSYNC Value: 199z~29cq
.retargetly.com/	1970-01-20 13:09:15	Name: _rlid Value: 33f1d8a4-4945-43ce-8906-e50136702404
.turn.com/	1970-01-20 13:09:15	Name: uid Value: 3656611185477979346
.adsrvr.org/	1970-01-20 17:35:39	Name: TDCPM Value: CAESFgoHYmx1ZWthaRILCM6Nk-Tk4Lk7EAUSFAoFdGFwYWQSCwiyteXq5OC5OxAFGAEgASgCMgsIvI7BmvvguTsQBTgBWgdtc3NtMTE1YAI.
.onaudience.com/	1970-01-20 08:51:29	Name: done_redirects219 Value: 1
.go.affec.tv/	1970-01-20 17:35:39	Name: pt Value: eyJhbiI6eyJkdCI6MTY3MzQwMzA3NCwiaWQiOiIyNTI4OTQ4ODUwMDc0MTU3MTU3IiwibHMiOjE2NzM0MDMwNzR9LCJ0dCI6eyJkdCI6MTY3MzQwMzA3NCwiaWQiOiJDb0lLUzJPK0dzRkY3N0dvTmw1WkFnPT0iLCJscyI6MTY3MzQwMzA3NH0sInRkIjp7ImR0IjoxNjczNDAzMDc1LCJpZCI6IjcwNDg0ODg5LWViYmEtNGI1Yy05YzdmLTE1NTVhZTQxYWEzMSIsImxzIjoxNjczNDAzMDc1fSwidiI6MH0=\|1673403075\|d2081445fcf887280b8d2e0f81ff6300b7a4d73e
.tapad.com/	1970-01-20 10:16:27	Name: TapAd_3WAY_SYNCS Value: 1!266
.krxd.net/	1970-01-20 13:09:15	Name: _kuid_ Value: PT7jGYgR
.zeotap.com/	1970-01-20 08:51:29	Name: zsc Value: +%AD%12%EB%DF%E3%91%E2%29%28%5B%98%D8%C7%CD%9F%8B%D08%B7g%83D%02%CC%FC%A3%EE%D9%CF%CBO%83T%2AG%02%5C7%C4%16%E1%3Dh%94%0E%D0%0C%7C%F1%DF%8B%24%AD%91%B8K%DC%C1%AB%BB%99%A4l%9B%9B%BC%BE%03%96h%FE%7D%7C%96%9AP%EF%C7%22%60A%D3
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 28
.blackhatrussia.com/	1970-01-20 17:35:39	Name: FCNEC Value: %5B%5B%22AKsRol_cVtEfftb_dDZM4fAyfbVoyfjfeskoXyktkxVzNJeAtjBB8x6HSLLXyoiPmNTkYg8SNi_aBSeQM6b8UtF9E-S2NJwJLO3nMaboTUqqR9PNB7wtJDC98d8RV3WZzgj6EpzPcjKRGlSHJaNiNaVMk_tb5S0sNA%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.blackhatrussia.com/504-jps-virus-maker.html Message: Mixed Content: The page at 'https://www.blackhatrussia.com/504-jps-virus-maker.html' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/iwZgykd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.blackhatrussia.com/504-jps-virus-maker.html(Line 475) Message: Mixed Content: The page at 'https://www.blackhatrussia.com/504-jps-virus-maker.html' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/iwZgykd.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-3926942378526699&fa=1&ifi=6&uci=a!6&btvi=2&xpc=Xxh0dPOusA&p=https%3A//www.blackhatrussia.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
adservice.google.ca
adservice.google.com
ap.lijit.com
api.intentiq.com
api.retargetly.com
bcp.crwdcntrl.net
beacon.krxd.net
cdn-tc.33across.com
cdn.livetrafficfeed.com
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
data-beacons.s-onetag.com
de.tynt.com
dp1.33across.com
dp2.33across.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
get.s-onetag.com
googleads.g.doubleclick.net
i.ibb.co
i.imgur.com
i.liadm.com
i.postimg.cc
i6.liadm.com
ib.adnxs.com
ic.tynt.com
idsync.rlcdn.com
image.ibb.co
livetrafficfeed.com
loada.exelator.com
loadus.exelator.com
map.go.affec.tv
match.adsrvr.org
ml314.com
mwzeom.zeotap.com
onetag-geo.s-onetag.com
p.adsymptotic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pd.sharethis.com
pixel.onaudience.com
pixel.tapad.com
ps.eyeota.net
scontent-yyz1-1.xx.fbcdn.net
secure.adnxs.com
share.pluso.ru
spl.zeotap.com
stags.bluekai.com
static.doubleclick.net
static.getbutton.io
static.xx.fbcdn.net
sync.crwdcntrl.net
sync.sharethis.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
waust.at
whos.amung.us
www.blackhatrussia.com
www.facebook.com
www.googletagservices.com
www.gstatic.com
share.pluso.ru
static.xx.fbcdn.net
www.facebook.com
104.126.112.185
104.18.36.173
104.18.99.194
104.243.38.177
104.64.213.153
104.71.223.212
107.178.246.49
108.138.128.46
111.90.142.140
13.225.223.33
13.32.164.88
139.99.46.91
141.94.170.77
142.250.65.162
146.75.36.193
172.64.152.222
176.9.188.20
18.160.213.86
18.160.225.62
18.220.3.90
185.150.190.236
23.92.190.69
2600:1f18:ed:550a:e5e8:a01c:2029:474f
2606:4700:10::6816:1957
2606:4700:10::6816:4bab
2606:4700:10::ac43:8f4
2606:4700:20::681a:407
2606:4700:20::ac43:4aba
2606:4700:21::8d65:780b
2606:4700:e0::ac40:6a19
2607:f8b0:4006:809::2002
2607:f8b0:4006:80a::200e
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:81c::2006
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2003
2607:f8b0:4006:820::2001
2607:f8b0:4006:821::2003
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2002
2620:112:f002:bbbb::23
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f00e:13:face:b00c:0:3
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f103:83:face:b00c:0:25de
3.135.147.228
3.209.207.39
3.216.210.67
3.218.90.66
3.33.220.150
3.93.209.92
34.111.234.236
35.190.60.146
35.194.66.159
50.16.197.56
52.203.85.239
52.54.29.118
52.55.144.0
52.87.94.71
63.251.86.50
67.202.105.24
67.202.105.32
67.202.105.34
68.67.160.117
68.67.160.186
76.13.32.147
01bdd97a69283e5ae6d25f2860315323371c9303354b4dc3f319208de461c407
04e9c240716aa7e55a6d14ed5d1a25d6197318667272e094f3953ae0a68b9c84
0587f0dd4df7fdddf5d4c8187c0e4e21477d031f6742c13aeaea2aa241d246ad
0802724f132e8f7749d4ba1f62c56c5dc20751e609d0d8b4388f92c9080e46c5
0af14c8c1c4106987297a09656d22bd9c5806b53a1d734e834442165b01c17f8
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774
1041e2fdb1f8465e357657582b9762f06ef2e4138f325af166b77f9e0ea3c61a
1aa370900df006263e1ba5e61a0ac4551eb7a63f52e3267a8b611b20365e1c4e
1c393b92d355a2f6e93d7ba5e4472b6bc9ff9c97802849b9c69475082f575197
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
22c55af9e1447d0b4e3cb9c8b94c21a2750715ada4ff59c1cd86ef7f9d81c890
23b758bb167611d78b15c93e8fc82b536777689aa548609f7c4878fc62a87d5d
264baa03bd9e863a79e9915997569b4683bc42d14bbb4cf1e211785ba00b3807
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2779736f62bfffeea1b95c49ebf3471d3aeb1eab2c6f841bdc1433b8fb41325b
279dc4487d3289e26a1937df1038d0cfd2b20bc9a60614505785877f4555ff6a
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
296247758cd17ebfe15df00e4985186a0582ff9bd6ad822a23f313b7e4643ea1
2a15880567b866aed84bd0648fdf61b4160504cc87d40b006fa7e49e3a871abe
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b46b8b2bf6ea470afbe9d4a2343a3e5d7c37774159decfbf0d475bcaeea7f00
2c996f142c6fbb1ed7630b7fd168b3c75097183bb1b2a237567cbad416c85a09
2d76b33072a42f83f92053b67f94eeb353a1ac8411b016d487ecaa2f61a9f4ec
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f0253a9ee6c26c1c960191a7f349ced5600d94d5fe6e7bfc3dcc9125a963e99
2f74b1ba072844222702e7b1c2aa5e74ac34c69d4ec3563de0bfe847fd5b4b7a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009
35038446d0cae0d4cf68472310f8c4e3775f84d4a6c51036fb52c1276c8a5ef9
35262a573730eea21d8065f9a033ec10aa1291bc20c24b73f7daed2131149f54
369247e6f5db79743e426de4bc85cc8c88b06b8cd99101549dcc4405299641f0
394af34fbbb3777adedd97b17c69b82c8fd4f19dfb7f19dfbeb3db942aaf282d
3b616cb4a1bfb84e05290d4d6207756780744db8f3f8acf6cbc0add286033df6
3c085334e6b44f6cf23f51bed0eadaca9839f2794bc1ad61923169b2efbfee63
3da48afbe47fc124def22b7f1998aaf96a0d8d5d5652232fdd545cd550135794
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f1cdebfe02e8e40b8f88d9166bcf096678cf8f907fa736b13e99412479af55c
40165464d0480a04dee0097ab6c7d2a4f9c55f015f10d4d8bd61866350f60be6
40d72f3167ef8511df6ad2b338725c009035ba55e5345bcd129df95594501838
41f6c5b77e3c08989d86e040dd5d0fd9ad3c06cebf403f7a61b8eae588552d8f
42319f941cd9da4e2937e856dbb573f3fa9fb05e6784a5fb3761f7b8c91ac724
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
44f64a791a0b737798b53e003542396761dd28b2f76521dc881680a2ce403930
45415e4c64ace5c09fd65c97eb4a0ceee32b45ff9ab88967065fbdc06dc34955
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
45f82f27ae9a9bee73235cd59e7f74c140fe7e6543e99f5c6f82e1b680e93e29
46cc4c97b829990f5c52fa98976d9ca6edf49e1b382862d5475c473145189f0c
4abdd9dd13f76f5b41694dd323088a892418dc5f97294f97a1ecb0a454b8e017
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c444545c886a942c71cda6fac3897448c6c6509593ab8a4792856ea2818aef2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4edc254f31f2ee5e3168241fe3326c6fd09b27494ef8203da7bdb3a412753cc0
4f191b29b5a82acb4699caaf1626cc8a32aebb336ba7e36e722760092424d8dd
4f69f08cd476d60ce542535a120905e0f92a4abb1d263d20dc843728a44baca8
515ede607a371ac0bddfcea4e9ce6f528ee229dc574dd4ca5a30712cdb554649
5180e76115ebb9ef78950d34426aabe5ec6b1acd59a5f09b7291787ad3fa23aa
524fc915502b482604dba0137ef9d46ff83b88ca0816b5991227676a0c725f54
52a1ce24fad08cd8b6e8dc4965500968b038f52cf541a03a34cfc3cc31b02c80
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
54421d081cfd30b3485b23e60c6167ca4140fc9083abbab48a6f69004fec77c4
57e9ad580b54eba7dc56873cf55d1d9f6b26983a46e7f349251e96eb0b24c5b5
57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18
59667999cb9c386a2f9aaaaf10ccb653bdc851588fb31fc43c9f288d14528d61
5a11719a42eea536a822b78a95b6271a7e4a654b6b59d5347ecfed45f0222607
5b0c1d0df4edb116f07c971d25d11314668f6d55942bbaff75317e92cafdabc9
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e67e63d75cf6e60ad0c2abe2ac0eb45dea806e36fd5c441a50dd9db7b54d3d4
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
5f0df59f73a1bc1e520618dabfb1b6c6ae8e8af125eb44c342dbb41f3c61fd2b
5f349b0fb431d03e459f2d5a45fae95e1961ae71976a01838cd30f3bf04f9ca0
6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7
61c5979cbaac3c6fbccb70a47704f3b362e1e5136065d778a6fb0772a6627268
640c1c9b54961c2788bdfe8b114268aa69cd7aca4fe82aa8530cadbd7c164d25
6457c2187b16c9c65af6f4f122f5f7730cb041d0a90b08ce57399db86b5fff83
6641876bf2a6ecd52296690f0f99f3aa09ede6d238d8541e1285a2c002a04de1
6671beab7b23ab986a734fe2da51ea0c98caed1955a5ba198f3d1ca15028ae96
6691c17050e97fa3a70eb75b6da5d601b461af4d26b954f87dcddbf354f61eda
669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67
698bba7b1bfbfb7328aca6068c65d12d9c226de02ad0968aec817b29ec2902da
6ac66d14be70fd7ec78f83e9d13e69d7d7d2298b7878c2631a056462fffd9f69
6dce12d20a02bdf4a53d4e141f645a57f999eeb9b1e53cd77c73ec9e9d242c8c
6eca1a574330e6c7e9393786778a2801ef56e45ce5576936858d79ff89306079
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
71bc4cd2d6567eb94df35e68918e17e56ce1814dd5855916da1e3c04a252f273
7463892aa3cd85096c84caf30395737dcece130390217ee71745efaeaa1f5f33
76a3a9195a6a842ef912bd3b18e91aece73b4d713f878542885f80efb3ed7d3c
78009d649db9f062dc6e568dd4f35e634440b36534d063f788f465af1f3397d9
78b81382f5c9d318e9af09e68aaca6dc8ebbcdc911204ba2cc25eb4b5d5ef7bb
79a558856447a11241f7dc84b91cf5503eb748367324b74fd8a37d7d270ac08a
7a1f85ce69c4f8f6486cafc213676862b1915da98624a570076fefaff5ed8b61
7b8024b208e65bd2ca597e670663ab72adcf54d490cd7c25017e08766c421f4b
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3
7c727e2faba8bac6ff122915c7a7bd573e5f01ff2d721e0ef1951c98ac6d155d
7d25c62b881f7877c0f90f76bc5c14f8dcec37bd70861cd8c7365fde3a34e858
7df5b6c8239ea246e7da0f5cf477856f979b15304314943651fc486d7fb191c4
7e0085a77923b9e5a13ae8105a8e54337d44464f114e6d9c58a3c06a9cbcbc61
7ebe3d9862ecc191accde39c1b4bb8f97a0517e4b0c49d687511b443513e7145
7fccdf59f5dec8ddbf11ed9f5e28cf80e6424389a35d5a4b76ef39f2df02f8be
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
878a805646818652aad49b5079fefedfbb8c3eda3fc9f3fb33b6d0930a193d3d
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8ad14eeb748eee6a429d326f2232cac4917e4a1d798126911407094f13ca0bcf
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
8c34c37291ee6d38191ac0a84ef1aedde856af334a96245759d0482912edb067
8f150d79cf5ac36281dbd69f413146da95d9e13e06412b9eae207c99ae080d40
8f6a6fda1fdc0a8a8ba1494660498fd978611bf1046409dd648cb7829716f5b5
8fbdc66296c690774b587a41066b1c9885af80b110519e975bc00b8a2185599f
8ff39e6372d5b6aafdf5c31f552473bd8b4467e69eaded77e774e0b277bc352d
9077c27ebbf4f8068bed10a29d7a83fa429556c51c8822621a83092b6f07e788
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
931afd0e47554a61b50d49e2aab0102cf6f47ccda0c913f660c06bf50abacc62
9349ad507ed6ca736793df7e59c7f6c4957070a8f1b96400cd329d13d27dad7f
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
968a67e4175b747bc7ce09cf87bf6fd5a75bb895e0885ed6bfd19be70a8f1d73
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97e2c43cec6a899062fa577fa6ea91618ffdcd2d3d335ad82568fc5357ecee31
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9dab070ee75ce06cf5e8bb6ab989f0130e40f216a1a717d6a0538a57f5143fec
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9e9b285b5e45a18e857a34c701dd7dd6786bce395a6b5012f704c850f2656e58
a1caaefb8c930c268f67d6fe8949d4814bbf7084b473145418f219dd148f2600
a4667dba2a203d28710eb217ab0f81b8b573affebdc0b75403feac41f90f5ade
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4edfb51580ba371d65e854067e00e266ead24cae660590d8bce25149c1f064f
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
aadc5fcd61829a409715ec0e59028fd50a24b2685a9a51a7db9f0dace6be97a3
ab36197482cd2687f3101b72a2dac90158dd89bc96525b813716e373f305f7a5
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad34201d4c41639d502a2c6750ea9d7b546a1843be8bd3599689a62e391bf3d3
ae7ec2d7b6b5b9a8a0d4f2c0db037b2ca73e0c5172aec3b2248dd31ac2e02d24
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43
b1dbd5e9b983ca4093726df38adf8c99cc5d63848302473b1f0d46a7b372b552
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
b71bf9cacb58184608d2d7a32df54f121634e541e4d110d5d10b05ebf1b57f46
bb7f6e1486453d58409d542e4822f5d950eea4a9465ba9fead09fcb2c8ebdae3
bbb07817cb41eed7ebcefd43d61c943fd5faa9a8d3aab0f04ae71078cd340496
bdbca38a6436221f0c4c54f15947bb5ffa4f3df0c69d448a9f14869d3b6b6b40
bfa8ea15943e4e7b24da7ab58863a69525f610574d004fcafe3a3a786f21d33a
c0592d1c43cb957f92dbb1ff08240a1c8faabc1eeb9e7186be2ce918dfd53da6
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3f7ce70d37f721facab49d8c60c3101a19bfeb04c13248610b7b7e0c4cc1e36
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c7eb42b5e9047e099b2ea68e3fe3c35b8d3ff0c89262653d977c289262bf768c
c80bdf77d8aa8b99d5ca9155a6acf06ba56f0fcd3e01579d35076b32eb5a9458
c88417d536eab670b2771f604d69cc2ec6136abf5109c78e7c9fd6b0d0282220
c8fd6ea126d2748adeb15a421ef1df9144a3c65b4b4de51941d451eb890288da
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cab08d59ea275b9acd0d010b3f9c82fcd2d681f890b73923669440ff8a04dd50
caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cb5e107adab2efe0c166036d3f58c31bcd33bf108eb163dbc25546e1887b77bd
cf3043323861959644571a483d5b303586e5b7d769dbd270ade27d5460fd7514
d3c42ad0fea264e8eacd4c38c8a87d9a9e2c8c822a2b57431f40cd531a1b7698
d5f217f130aa1998f0793687d6f322e2d94564df55fce37c32a52970711fa65d
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
d7e105bb9ebbf3f8bf7ade2a542de214bd3c2ff0063a1ff420c4e02ae2bce467
d83f8be07f0b015b347a491c8429eea4bdedc305e983a2a4118e8f1a09631957
d8e226c0eee98736ce4bcdce5e6ec8583307dadbe2f1c148aef9ba0030f48d46
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
dc07d382f00a25c7cab4993b3675027b7ba9fdf978474e9611aadde6383d9a57
dc34de445ba8832cab0364fbe8b5e8c3ea3125d6ee3cc49d7709c00b90ad0d39
dc380623bd5b9928e5e4c622b7284d2e4ece3ff81af64acadbf7b6f942e35f6c
dc4011963ae78755e6d80fedcb6873ac44ff90d78a60d8e705e2c1b18bc5208a
dd90a17b12f7d2e3eb3900dae021597d014ea62de7a37319d80150b6e2ec7ea6
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e01a7b72d9a3b6befeff60011fda291e59c2d40d3a43c191f901e111352f6f82
e04e2b4e27ae9881b1e161954cc00ba16c8c3a0ce73a179824756353efd6c481
e256d90249ce85b704f18debe2fc7a2317fe87a9a0f4c73ba7fdae7f38b97063
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64da46ace72a8f3464880f0ee884675137c404432ee3685a467d675b3cf18bd
e748d47e0930e87a515df7e2a11e9d797dd670598254900fdbd654593f001a9a
e89f0d101d83439e236dc40a620b683911cd40f4622f442934e6462cbf38b94e
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ecfb75e22f818b951efebc894f3071187a0982c2921f7f5f894b9b5e8ca4351d
ed9906a09c938aa10979a0a3f8fb2f5b43de8c99db8be1c6864aaedcb5567ee4
ee0a8f7c94500d949600f170f152f49fcf8edc48d060f59d7141db0b4d113589
ef01f87509581efc27e524eb05fe40dc50fd84867d1b61060dc0f2fa957791b3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d00d2b1105c2e78c8ce501c375b86d495e86d5451ea08b439ad0b9270d3ab8
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f782439ae42a116ca564bdc2db6c84e3210245431053efb3661fb8c743efabe4
f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b
f99a2c60ac365f5cebd3b520372c07dac909708e0fb5f8848a0a967c7fc0b98e
f9a15758712d4b4383b841aa761336c78c066e69f96dcabc452f7c740b972a49
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fbf5f721136787516b7fc3e956e42a3641ca2c9c5b7bde64b75a9cdaeba6099f
fefa32ad872f2b96cff1cc691d76311ed9106248775da310f71d56f5ca693717
fff97bb5f388660cf4e6e81941a2268183151db6560b5cba459b352b77680543

www.blackhatrussia.com Open in urlscan Pro 111.90.142.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

314 Requests

83 %HTTPS

36 %IPv6

49 Domains

75 Subdomains

53 IPs

7 Countries

5954 kBTransfer

12266 kBSize

66 Cookies

12 Outgoing links

Redirected requests

314 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.blackhatrussia.com Open in urlscan Pro
111.90.142.140 Public Scan

Screenshot
Live screenshot

Full Image

314
Requests

83 %
HTTPS

36 %
IPv6

49
Domains

75
Subdomains

53
IPs

7
Countries

5954 kB
Transfer

12266 kB
Size

66
Cookies

314 HTTP transactions
8 data transactions