Submitted URL: http://url8350.ninjateam.org/ls/click?upn=7Kd20yRakV5TWDEvMZKHARABeIFeG-2BkOzfB9hX-2BjVb3-2FMFF2yuITCaSVLBdjYNV7zTTeEllQ6F9Hd...
Effective URL: https://ninjateam.org/email-confirmed/
Submission: On February 14 via manual from US — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3032::ac43:d618, located in United States and belongs to CLOUDFLARENET, US. The main domain is ninjateam.org. The Cisco Umbrella rank of the primary domain is 491941.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.
This is the only time ninjateam.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
10 | ninjateam.org | url8350.ninjateam.org; ninjateam.org (Cisco Umbrella Rank: 491941) | 224 KB
8 | gstatic.com | fonts.gstatic.com; www.gstatic.com | 467 KB
6 | google.com | www.google.com (Cisco Umbrella Rank: 18) | 42 KB
5 | crisp.chat | client.crisp.chat (Cisco Umbrella Rank: 22041) | 150 KB
4 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 98) | 2 KB
4 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 189) | 223 KB
2 | google.de | www.google.de (Cisco Umbrella Rank: 3701) | 562 B
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 67); stats.g.doubleclick.net (Cisco Umbrella Rank: 160) | 2 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 93) | 20 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 109) | 95 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 114) | 1 KB
43 | 11 | |

Requests | Domain | Requested by
9 | ninjateam.org (1 redirects) | ninjateam.org
6 | www.google.com | ninjateam.org; www.gstatic.com; www.google.com
5 | client.crisp.chat | ninjateam.org; client.crisp.chat
4 | www.facebook.com (1 redirects) | connect.facebook.net
4 | www.gstatic.com | www.google.com; www.gstatic.com
4 | fonts.gstatic.com | fonts.googleapis.com; www.google.com
4 | connect.facebook.net | ninjateam.org; connect.facebook.net
2 | www.google.de |
2 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
2 | www.googletagmanager.com | ninjateam.org
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | googleads.g.doubleclick.net | www.googletagmanager.com
1 | fonts.googleapis.com | ninjateam.org
1 | url8350.ninjateam.org (1 redirects) |
43 | 14 |

This site contains links to these domains.

Domain
yaycommerce.com
1.envato.market
wordpress.org
apps.shopify.com
profiles.wordpress.org

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-16 - 2023-06-16 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-11-24 - 2023-02-22 | 3 months
crisp.chat | Cloudflare Inc ECC CA-3 | 2022-06-07 - 2023-06-06 | a year
upload.video.google.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
www.google.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
www.google.de | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
*.google.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months

This page contains 4 frames:

Primary Page: https://ninjateam.org/email-confirmed/
Frame ID: F80C13DE9DCFDCA30C2443C48752B6AF
Requests: 34 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df81b5d82163384%2526domain%253Dninjateam.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fninjateam.org%25252Ff3f4abf36347e9c%2526relation%253Dparent.parent%26container_width%3D355%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fninjateam.org%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse%26width%3D500
Frame ID: 49044B0291253BD7C8C35D2C558C49D3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetjLcUAAAAAMptYGLwWGzAXoFeaxo-Sz_pqFWy&co=aHR0cHM6Ly9uaW5qYXRlYW0ub3JnOjQ0Mw..&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=k4w7eli422g5
Frame ID: 3C037BB937E117D60621E535A2FAA88D
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C5BB57369B4ED4F2E4F2DC864E8C550B
Requests: 1 HTTP requests in this frame

Page Title

Email Confirmed - Ninja Team

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

  • 43 Requests
  • 100 % HTTPS
  • 93 % IPv6
  • 11 Domains
  • 14 Subdomains
  • 14 IPs
  • 4 Countries
  • 1224 kB Transfer
  • 3762 kB Size
  • 9 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url8350.ninjateam.org/ls/click?upn=7Kd20yRakV5TWDEvMZKHARABeIFeG-2BkOzfB9hX-2BjVb3-2FMFF2yuITCaSVLBdjYNV7zTTeEllQ6F9HdU5ZQbg-2B9ylzKKBWBYpVO5BMbTvGAbhr8gbpK3F-2FwLinTwjiZWqxbQZy_MJfGDTUoXuY6WZxS0H5xfb51rm3wZpjZIGKBfxnp0Dz7FCz7-2FF9czNQ3CsE5X2HECyYUNxNCq084W9-2B68OhhZmyUZ8jEgVLZlyrkQxmwJeJTC1zIX9F41kQOcTHYOa8wjpHvzowD3NqZ1FdQc6eGasH99m8feexIP9WV9VJ3fmuKzNsDQUnGPmdvcomyZvUufoTWIkhq-2F7J4b32D8u8M9UoM7NlzCrItTLJTqOSuMnQ-3D HTTP 302
    https://ninjateam.org/mailster/confirm/013671d2782cd4ea2a55af9501b83f93/4/11/ HTTP 307
    https://ninjateam.org/email-confirmed/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df81b5d82163384%26domain%3Dninjateam.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fninjateam.org%252Ff3f4abf36347e9c%26relation%3Dparent.parent&container_width=355&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fninjateam.org&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false&width=500 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df81b5d82163384%2526domain%253Dninjateam.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fninjateam.org%25252Ff3f4abf36347e9c%2526relation%253Dparent.parent%26container_width%3D355%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fninjateam.org%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse%26width%3D500

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ninjateam.org/email-confirmed/
Redirect Chain
  • http://url8350.ninjateam.org/ls/click?upn=7Kd20yRakV5TWDEvMZKHARABeIFeG-2BkOzfB9hX-2BjVb3-2FMFF2yuITCaSVLBdjYNV7zTTeEllQ6F9HdU5ZQbg-2B9ylzKKBWBYpVO5BMbTvGAbhr8gbpK3F-2FwLinTwjiZWqxbQZy_MJfGDTUoXuY6...
  • https://ninjateam.org/mailster/confirm/013671d2782cd4ea2a55af9501b83f93/4/11/
  • https://ninjateam.org/email-confirmed/
38 KB
9 KB
Document
General
Full URL
https://ninjateam.org/email-confirmed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d618 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51cecf0f0091a5627959311b342da84a83439e41b32268f7fb6f8e7946c399d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79984a93fc583837-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 14 Feb 2023 19:43:12 GMT
link
<https://ninjateam.org/wp-json/>; rel="https://api.w.org/" <https://ninjateam.org/wp-json/wp/v2/pages/29362>; rel="alternate"; type="application/json" <https://ninjateam.org/?p=29362>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2dZMbMEitBtNKfJ5Ymv%2B6FBtuvD4J91W12K%2FfprDQwmyMGGRlPvhWdzNBTMOg%2FctkLDFV3heAZT4lvndsuOMRs8AdpiTB6M7t9zCUWx0%2B4XTsqLQ8MXPMUwqiUBI%2FG6tDGDVxRDFi5K%2FK3U"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-litespeed-tag
365_HTTP.200,365_page,365_URL.60c34986ddc5c1394b539d85e044f022,365_Po.29362,365_PGS,365_,365_MIN.410c8a0b184252bd11965c83c5b261fe.css,365_MIN.530035170cfc7ff766611206f4620a49.js

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79984a8f6d273837-FRA
content-type
text/html; charset=UTF-8
date
Tue, 14 Feb 2023 19:43:11 GMT
location
https://ninjateam.org/email-confirmed/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCsqB%2B8YDAGPUtI5Uwqvt8CdrImTb4xm166gKGKp2ymRBAzsf3znGrz6PPbeKhc%2Fzh2%2FyHSfhayQ4C9HITdqcrfbyDhlvIuUIf0HDaWJDoao1vaBP3StDQtTx3Vajo%2B0RKyzLQhw6s4qsx91"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
x-litespeed-tag
365_HTTP.200,365_HTTP.307
x-redirect-by
Mailster
410c8a0b184252bd11965c83c5b261fe.css
ninjateam.org/wp-content/litespeed/css/
498 KB
80 KB
Stylesheet
General
Full URL
https://ninjateam.org/wp-content/litespeed/css/410c8a0b184252bd11965c83c5b261fe.css?ver=09054
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/email-confirmed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d618 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bc65777243b1114b2e5a5da5d87b9db6c45a7fe3db71707760104a5f1abaadd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/email-confirmed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Feb 2023 16:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63da91a9-7c684"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLO1WxgSRlUHlcpP%2FPDdkP2Ly4csc%2FAu23B61%2FAGxECIVWbaHobj4S4Ell62C9Jr7Vs6vl4j23zricwLoQ0qCH5%2BJAZrYTLrbwYst%2BcHGThFbmB%2B87m4CaBpvGZDM2ItKVMC%2B5bUBg5NjZ%2BM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
79984a976bc02ba3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 15 Feb 2023 07:43:12 GMT
ninjateam-logo.png
ninjateam.org/wp-content/uploads/2020/10/
5 KB
6 KB
Image
General
Full URL
https://ninjateam.org/wp-content/uploads/2020/10/ninjateam-logo.png
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/email-confirmed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d618 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eca23f0b7f1e8795d3043fc9dd048551bcc23ce22268355502f85a8a6e46f7b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/email-confirmed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1002549
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5176
pragma
public
last-modified
Wed, 07 Oct 2020 03:13:04 GMT
server
cloudflare
etag
"5f7d3240-1438"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5G0C85R0LXpWBR33wHjZCkbys1ZbGB%2BOM2YNdhPpB3KBP6xkXjjMv9fPyMZIoz8xjXCPa4FqSDwD4g5MB%2Fomn9GDfJ0usth0RFW9oogJvolujbUWjANwmJ9yMv0ByzfxenUHv4c65F25F3do"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
79984a976bc32ba3-FRA
expires
Sun, 05 Mar 2023 05:14:03 GMT
rocket-loader.min.js
ninjateam.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ninjateam.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/email-confirmed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d618 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/email-confirmed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 Feb 2023 12:46:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63e4eb3a-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KeuCIUBcVQQRv%2B50yxH7LlF5kxh5Q9yO0V4S%2FhEDfDJcEwXLeMzkWENvfhddubzBSmUvNTuLEfAQ7xRpHyvh0R1AxAf3tmBlf0tID8fVfeMLye9HM21qF3%2F%2F4ZXRUpFJ265Gg5hBv8FC1k7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
79984a979bf12ba3-FRA
expires
Thu, 16 Feb 2023 19:43:12 GMT
entypo-fontello.woff2
ninjateam.org/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/
38 KB
39 KB
Font
General
Full URL
https://ninjateam.org/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff2
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/email-confirmed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d618 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f260ff280b2e54e84e6f9c2790da49cc9abadc457b77d1df4dea121a8c8ab6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ninjateam.org/email-confirmed/
Origin
https://ninjateam.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:13 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39220
last-modified
Wed, 01 Feb 2023 16:17:24 GMT
server
cloudflare
etag
"63da9094-9934"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BC2BgKNxzBwbVFYccJc%2F2%2FbyyF6NRyTdfAlWdHlQyQbenYh0Kk3FqrzPdLEz84I%2BkENKRrXDz5eoa0pKuOSg%2FywxTSUkW0ogCnGyZdyurwVd0gN1946edxYnFgfrVLECrm%2FNJCPWSXZouv5t"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
79984a9e0d352ba3-FRA
530035170cfc7ff766611206f4620a49.js
ninjateam.org/wp-content/litespeed/js/
168 KB
50 KB
Script
General
Full URL
https://ninjateam.org/wp-content/litespeed/js/530035170cfc7ff766611206f4620a49.js?ver=09054
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d618 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aac61fb279328743396a9fa96c69cc4817639712168c8afbb7e5918c34095c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/email-confirmed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9520
cf-polished
origSize=171659
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 14 Feb 2023 12:00:02 GMT
server
cloudflare
etag
W/"63eb77c2-29e8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQNadTc%2F3ty7qgnt1lb%2FE2DXjToKVnuBiHPoE%2ByfEPMm9u19U86SZF3hBL7T0DFz0udtohyrvep1zwx4%2BQoRBSTp0L%2FN3DLRUHuPd08Eu%2Bfmg4LvZaccXaXY7s43KpPuAymLodKuyovpvH1B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
79984a9e1d502ba3-FRA
expires
Wed, 15 Feb 2023 05:04:33 GMT
jquery.min.js
ninjateam.org/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://ninjateam.org/wp-includes/js/jquery/jquery.min.js
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d618 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/email-confirmed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Sat, 31 Dec 2022 02:59:56 GMT
server
cloudflare
etag
W/"63afa5ac-15e54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zRNsQ%2FArpZ19D6kni1v7ig%2BkVzV2fgL16M9yWQ%2B19Qk3cqaF2zuDhoOUeiRiB1vC7LgEptpGwINH8kvh6aOishwtuGGV3J3Df4%2F%2B3VPsQnEHH0QIFSu%2BAgjuBN3f1WxXChF9LUSwzn2LCt2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray
79984a9e1d552ba3-FRA
expires
Wed, 15 Feb 2023 07:42:06 GMT
gtm.js
www.googletagmanager.com/
136 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PCPS44
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/email-confirmed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b948079438e403467c4eed36bfa2c5f7267bea9b7a983c795e9c2c16a0ce6663
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53002
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 18:22:47 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Feb 2023 19:43:13 GMT
js
www.googletagmanager.com/gtag/
110 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-50193211-10
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8817ecfaa9e973d938d9c9f79b7efe1df77bd2f2f6bca349c34d30bb7d8aac76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44115
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 18:22:47 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Feb 2023 19:43:13 GMT
fbevents.js
connect.facebook.net/en_US/
106 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/wp-content/litespeed/js/530035170cfc7ff766611206f4620a49.js?ver=09054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 14 Feb 2023 19:43:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
5YBIu4aA2t5FPzQGx3cN70vWU+ytDUmYiIDKLqKpNR485e8DaLnhyreTYmrxO8uQD7mOqvK4rZEpQ9EnCfK27Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/wp-content/litespeed/js/530035170cfc7ff766611206f4620a49.js?ver=09054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
06489e93f3a45fe4c6a66721dc1cfec4060fef4471368063825443fca35c1e3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 19:43:13 GMT
content-md5
4mkj3zB+cDtRVB4cC1j8uw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
5gu0gW+WCInLlYsL3KxXPEICiVg3Lsqluy8ez4OoC2/LrD6hPEFwjPsEH6tUxytUArDYXXfBaSudw6fBzyNF2A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
x-fb-content-md5
447d0bbdfb2cee72b1999ab1daaeea76
cross-origin-opener-policy
same-origin-allow-popups
etag
"28a2894a8f378f28e405d6ee7f0fb1cd"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 14 Feb 2023 19:56:57 GMT
client.js
client.crisp.chat/static/javascripts/
400 KB
99 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/client.js?b91e513
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/wp-content/litespeed/js/530035170cfc7ff766611206f4620a49.js?ver=09054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
995757a43ac7a59736fc4e5f5f17627c7713f17b97a736fe5b6c0bfdb46fa5a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
9051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 13:12:02 GMT
server
cloudflare
etag
W/"62a737a2-63ffb"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
79984a9f3f5930f6-FRA
access-control-allow-headers
Content-Type, Origin
expires
Fri, 11 Feb 2033 19:43:13 GMT
client_default.css
client.crisp.chat/static/stylesheets/
346 KB
47 KB
Stylesheet
General
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?b91e513
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/wp-content/litespeed/js/530035170cfc7ff766611206f4620a49.js?ver=09054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f571b2d2f2e9ae76375f3c9d481387beaa4abfad1ea958931ba93513b0584b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
9051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Feb 2023 17:11:27 GMT
server
cloudflare
etag
W/"63ea6f3f-568bb"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
79984a9f3f5530f6-FRA
access-control-allow-headers
Content-Type, Origin
expires
Fri, 11 Feb 2033 19:43:13 GMT
avia_google_recaptcha_api.js
ninjateam.org/wp-content/themes/enfold/framework/js/conditional_load/
13 KB
4 KB
Script
General
Full URL
https://ninjateam.org/wp-content/themes/enfold/framework/js/conditional_load/avia_google_recaptcha_api.js
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/wp-content/litespeed/js/530035170cfc7ff766611206f4620a49.js?ver=09054
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d618 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b309f1d8a151d98820986b0610f82e9e7ba2145997ce25eafab4e590f62ced7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/email-confirmed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66
cf-polished
origSize=19516
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Feb 2023 16:16:24 GMT
server
cloudflare
etag
W/"63da9058-4c3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msH4m01GLbMul2DlTtb8zFXNn1ShPRmy7iIING60DOJuawQhn51M5Y%2Fd0gRH%2Bj0YI7Kjvdx8udmmchmaL9bZikqiRIt1Nifu6NorHf3NxTBqbfDUXNIjre%2Fk4XFgd3M29JexdebgwITYOCpG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
79984a9ece712ba3-FRA
expires
Wed, 15 Feb 2023 07:42:07 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=auto
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/wp-content/litespeed/js/530035170cfc7ff766611206f4620a49.js?ver=09054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0690262903337c5392e015553dd03594040f0c86bfe53f1a3200f619d9e6d499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 19:43:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 19:40:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Feb 2023 19:43:13 GMT
api.js
www.google.com/recaptcha/
955 B
927 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=av_recaptcha_main_api_loaded&render=6LetjLcUAAAAAMptYGLwWGzAXoFeaxo-Sz_pqFWy&hl=en
Requested by
Host: ninjateam.org
URL: https://ninjateam.org/wp-content/themes/enfold/framework/js/conditional_load/avia_google_recaptcha_api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
04d9c9f6c870dd5589c13f4f563960862fc6d8c3f8faa82051ac618a8e49f2f1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
607
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 19:43:13 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ninjateam.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 08:26:15 GMT
x-content-type-options
nosniff
age
386218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 08:26:15 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ninjateam.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 08:26:15 GMT
x-content-type-options
nosniff
age
386218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 08:26:15 GMT
202796224580255
connect.facebook.net/signals/config/
378 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/202796224580255?v=2.9.95&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
863aafb41bd285acc625126259d8347c08224c3a1c4862fcf426890945b23e92
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 14 Feb 2023 19:43:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
4In8acvn+jG6lVkJho9K3A/tItXA1K69Hqs8ZGdRB4vjx7d6O60jD0qzu7YSB3UTks/LbmtUjBmMkCsgZGpaPg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
301 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8e72876d6350752301317aa87deee7af
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
13fbcd4709597cdd0a9ebf7a4c2204a104e0393e7c181f2bd45797a76842ce82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ninjateam.org/
Origin
https://ninjateam.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 19:43:13 GMT
content-md5
FtXbY58RAvkWOfFVFZfdVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87018
x-fb-rlafr
0
x-fb-debug
KiBVaCZc+QPpD4izK48YrEI7ccApv2XMLtolAYiOZZpnsdqLsco/Eh0/oUE6wt1oQI93xLvuE8hIGqBhCRNcZQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
57c60bcd240a89d4111ce7399ae5a91c
cross-origin-opener-policy
same-origin-allow-popups
etag
"159bc4f26198285797db437b5481654e"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 14 Feb 2024 17:32:40 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-50193211-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 18:12:07 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5467
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 14 Feb 2023 20:12:07 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1015648589/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1015648589/?random=1676403793909&cv=11&fst=1676403793909&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fninjateam.org%2Femail-confirmed%2F&tiba=Email%20Confirmed%20-%20Ninja%20Team&auid=795428236.1676403794&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCPS44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca0587155a4c931a1fc25641ed5769e8d76a67720686f851b8fe142d8a29ae5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 19:43:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
875
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/
404 KB
161 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=av_recaptcha_main_api_loaded&render=6LetjLcUAAAAAMptYGLwWGzAXoFeaxo-Sz_pqFWy&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9f7c1a16a42a7c2852a789c0bb646ff49d8776eaf24be4f6c8b5a77abb0210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ninjateam.org/
Origin
https://ninjateam.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 15:20:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164579
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 03:04:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 10 Feb 2024 15:20:44 GMT
collect
www.google-analytics.com/j/
2 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1808784291&t=pageview&_s=1&dl=https%3A%2F%2Fninjateam.org%2Femail-confirmed%2F&ul=en-us&de=UTF-8&dt=Email%20Confirmed%20-%20Ninja%20Team&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=587723683&gjid=1803464519&cid=733883576.1676403794&tid=UA-50193211-10&_gid=296696102.1676403794&_r=1&gtm=457e32d0&z=1995249463
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ninjateam.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 19:43:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ninjateam.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=202796224580255&ev=PageView&dl=https%3A%2F%2Fninjateam.org%2Femail-confirmed%2F&rl=&if=false&ts=1676403794142&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676403794141.2065639640&it=1676403793866&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 14 Feb 2023 19:43:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/login/ Frame 4904
Redirect Chain
  • https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df81b5d82163384%26do...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...
0
0
Document
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df81b5d82163384%2526domain%253Dninjateam.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fninjateam.org%25252Ff3f4abf36347e9c%2526relation%253Dparent.parent%26container_width%3D355%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fninjateam.org%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse%26width%3D500
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8e72876d6350752301317aa87deee7af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ninjateam.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Feb 2023 19:43:14 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
aQmyPaQkVTqC4G1oCVrSi0SCWev8DHwxQsyM+YMt3CG9ihYVHetPoiGtKeZWeozoXl61zsS7dlyk9yJyBbPWaA==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Tue, 14 Feb 2023 19:43:14 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v9.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df81b5d82163384%2526domain%253Dninjateam.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fninjateam.org%25252Ff3f4abf36347e9c%2526relation%253Dparent.parent%26container_width%3D355%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fninjateam.org%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse%26width%3D500
origin-agent-cluster
?0
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
b3WIqOA2ZKRYddfi/HvS0og7Atz32kKTuBleRQ/5GWNOxhoD+5WUFQVrg8fNeqlcRS38CoNFUOjGaySPiX0GwQ==
x-fb-rlafr
0
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
4 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-50193211-10&cid=733883576.1676403794&jid=587723683&gjid=1803464519&_gid=296696102.1676403794&_u=YEBAAUAAAAAAACAAI~&z=805850097
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ninjateam.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 14 Feb 2023 19:43:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ninjateam.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1015648589/
42 B
327 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1015648589/?random=1676403793909&cv=11&fst=1676401200000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fninjateam.org%2Femail-confirmed%2F&tiba=Email%20Confirmed%20-%20Ninja%20Team&fmt=3&is_vtc=1&random=1689806518&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 19:43:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1015648589/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1015648589/?random=1676403793909&cv=11&fst=1676401200000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fninjateam.org%2Femail-confirmed%2F&tiba=Email%20Confirmed%20-%20Ninja%20Team&fmt=3&is_vtc=1&random=1689806518&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 19:43:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-50193211-10&cid=733883576.1676403794&jid=587723683&_u=YEBAAUAAAAAAACAAI~&z=1976012892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 19:43:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-50193211-10&cid=733883576.1676403794&jid=587723683&_u=YEBAAUAAAAAAACAAI~&z=1976012892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 19:43:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 3C03
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetjLcUAAAAAMptYGLwWGzAXoFeaxo-Sz_pqFWy&co=aHR0cHM6Ly9uaW5qYXRlYW0ub3JnOjQ0Mw..&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=k4w7eli422g5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
56028cfd41038751e7ff6d89426c69249db5c1cc3043e3bbf6850b246b2088f4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ChP5j6q6vXPMT55C5-DNGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ninjateam.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22292
content-security-policy
script-src 'report-sample' 'nonce-ChP5j6q6vXPMT55C5-DNGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 19:43:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 3C03
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetjLcUAAAAAMptYGLwWGzAXoFeaxo-Sz_pqFWy&co=aHR0cHM6Ly9uaW5qYXRlYW0ub3JnOjQ0Mw..&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=k4w7eli422g5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 07:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 03:04:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 07:40:57 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 3C03
404 KB
161 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetjLcUAAAAAMptYGLwWGzAXoFeaxo-Sz_pqFWy&co=aHR0cHM6Ly9uaW5qYXRlYW0ub3JnOjQ0Mw..&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=k4w7eli422g5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9f7c1a16a42a7c2852a789c0bb646ff49d8776eaf24be4f6c8b5a77abb0210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 15:20:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164579
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 03:04:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 10 Feb 2024 15:20:44 GMT
/
www.facebook.com/tr/ Frame C5BB
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ninjateam.org
Referer
https://ninjateam.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://ninjateam.org
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 19:43:14 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
client.crisp.chat/settings/website/50b229a8-e7f0-4369-b588-198968e3970f/prelude/
212 B
335 B
Script
General
Full URL
https://client.crisp.chat/settings/website/50b229a8-e7f0-4369-b588-198968e3970f/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-1-14-19-43
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b91e513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a23919609eb5286cfaf4df45bde49dc356333ea5cb2c383077752584b82de10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 14 Feb 2023 19:43:14 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
79984aa5b9cd30f6-FRA
access-control-allow-headers
Content-Type, Origin
expires
Tue, 14 Feb 2023 23:43:14 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3C03
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:21:21 GMT
x-content-type-options
nosniff
age
15713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 21 Feb 2023 15:21:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3C03
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetjLcUAAAAAMptYGLwWGzAXoFeaxo-Sz_pqFWy&co=aHR0cHM6Ly9uaW5qYXRlYW0ub3JnOjQ0Mw..&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=k4w7eli422g5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 02:55:21 GMT
x-content-type-options
nosniff
age
406073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 02:55:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3C03
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetjLcUAAAAAMptYGLwWGzAXoFeaxo-Sz_pqFWy&co=aHR0cHM6Ly9uaW5qYXRlYW0ub3JnOjQ0Mw..&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=k4w7eli422g5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 02:34:10 GMT
x-content-type-options
nosniff
age
320944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Feb 2024 02:34:10 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 3C03
102 B
133 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetjLcUAAAAAMptYGLwWGzAXoFeaxo-Sz_pqFWy&co=aHR0cHM6Ly9uaW5qYXRlYW0ub3JnOjQ0Mw..&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=k4w7eli422g5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b29f19f936e72217644ab4281ffc4d75a12ed428d49b6e6f239209c4d068bafe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetjLcUAAAAAMptYGLwWGzAXoFeaxo-Sz_pqFWy&co=aHR0cHM6Ly9uaW5qYXRlYW0ub3JnOjQ0Mw..&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=k4w7eli422g5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 19:43:14 GMT
reload
www.google.com/recaptcha/api2/ Frame 3C03
32 KB
18 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LetjLcUAAAAAMptYGLwWGzAXoFeaxo-Sz_pqFWy
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
23ee0f2566f4ac5cb3410c2678cc258cf0eccd62e64e1763df88dcc964abf84a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetjLcUAAAAAMptYGLwWGzAXoFeaxo-Sz_pqFWy&co=aHR0cHM6Ly9uaW5qYXRlYW0ub3JnOjQ0Mw..&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=k4w7eli422g5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 14 Feb 2023 19:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18720
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 19:43:15 GMT
/
client.crisp.chat/settings/website/50b229a8-e7f0-4369-b588-198968e3970f/
2 KB
1 KB
Script
General
Full URL
https://client.crisp.chat/settings/website/50b229a8-e7f0-4369-b588-198968e3970f/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1675527989603
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b91e513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
994d757882f9796bed2d4dcf2c4b4c5de123e461e6e775d47076cf1608d5d6fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 14 Feb 2023 19:25:48 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
79984aa94b1037d7-FRA
access-control-allow-headers
Content-Type, Origin
expires
Tue, 14 Feb 2023 23:43:15 GMT
en.js
client.crisp.chat/static/javascripts/locales/
7 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/locales/en.js?b91e513
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b91e513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
345bb53b4081801c7da8b64aaf2d8fe5022a1041e68228f95c902aede9e59dac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ninjateam.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 19:43:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
9051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 13:12:02 GMT
server
cloudflare
etag
W/"62a737a2-1afd"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
79984aa9abd637d7-FRA
access-control-allow-headers
Content-Type, Origin
expires
Fri, 11 Feb 2033 19:43:15 GMT
truncated
/
881 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| oncontentvisibilityautostatechange object| __cfQR object| dataLayer undefined| $ function| jQuery function| gtag boolean| avia_is_mobile object| avia_framework_globals object| AviaReCAPTCHA_front function| Froogaloop function| fbq function| _fbq object| $crisp object| CRISP_RUNTIME_CONFIG string| CRISP_WEBSITE_ID boolean| $__CRISP_INCLUDED function| Waypoint function| onYouTubeIframeAPIReady function| $f boolean| __cfRLUnblockHandlers function| av_recaptcha_main_api_loaded function| av_recaptcha_verifyCallback_v2 function| av_recaptcha_errorCallback function| av_recaptcha_expiredCallback object| google_tag_manager object| FB object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO object| $__CRISP_INSTANCE object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gaplugins object| gaGlobal object| gaData object| __buffer object| recaptcha object| closure_lm_249251

9 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AMK3mNAu-f1cJStEr4Rr6qsWdMOeeuEg7pVq8hUOQrJr2kc8a8NG1sA0_DgfCEcokvXTxV9METTTg91SLT1kkQM
ninjateam.org/ Name: mailster
Value: 013671d2782cd4ea2a55af9501b83f93
.ninjateam.org/ Name: _gcl_au
Value: 1.1.795428236.1676403794
.ninjateam.org/ Name: _ga
Value: GA1.2.733883576.1676403794
.ninjateam.org/ Name: _gid
Value: GA1.2.296696102.1676403794
.ninjateam.org/ Name: _gat_gtag_UA_50193211_10
Value: 1
.ninjateam.org/ Name: _fbp
Value: fb.1.1676403794141.2065639640
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ninjateam.org/ Name: crisp-client%2Fsession%2F50b229a8-e7f0-4369-b588-198968e3970f
Value: session_3fc558a5-0387-4301-a19f-c97d3fcaa701

1 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
