criminalz.org Open in urlscan Pro
2606:4700:3031::ac43:d334 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Submission: On March 29 via manual (March 29th 2023, 9:27:22 am UTC) from DE — Scanned from DE

Summary HTTP 59 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 14 domains to perform 59 HTTP transactions. The main IP is 2606:4700:3031::ac43:d334, located in United States and belongs to CLOUDFLARENET, US. The main domain is criminalz.org.
TLS certificate: Issued by GTS CA 1P5 on March 1st 2023. Valid for: 3 months.

This is the only time criminalz.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3031::ac43:d334	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	2606:4700:303... 2606:4700:3038::6815:ea18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.232.194.2 199.232.194.2	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
59	14

23 2606:4700:3031::ac43:d334 (United States)

ASN13335 (CLOUDFLARENET, US)

criminalz.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:ea18 (United States)

ASN13335 (CLOUDFLARENET, US)

i.hizliresim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.194.2 (United States)

ASN54113 (FASTLY, US)

media3.giphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media4.giphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	criminalz.org criminalz.org	4 MB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	201 KB
3	hizliresim.com i.hizliresim.com — Cisco Umbrella Rank: 126748	496 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	5 KB
2	giphy.com media3.giphy.com — Cisco Umbrella Rank: 2409 media4.giphy.com — Cisco Umbrella Rank: 2497	15 MB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 12781	3 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 933	6 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7832	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	464 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2284	252 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	80 KB
0	archive.is Failed archive.is Failed
0	hackforums.net Failed hackforums.net Failed
59	14

	Domain	Requested by
23	criminalz.org	criminalz.org
6	pagead2.googlesyndication.com	criminalz.org pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	i.hizliresim.com	criminalz.org
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	images.dmca.com	criminalz.org
2	unpkg.com	criminalz.org
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	media4.giphy.com	criminalz.org
1	media3.giphy.com	criminalz.org
1	www.googletagmanager.com	criminalz.org
0	archive.is Failed	criminalz.org
0	hackforums.net Failed	criminalz.org
59	17

This site contains links to these domains. Also see Links.

Domain
www.dmca.com
xenforo.com
www.addonflare.com

Subject Issuer	Validity	Valid
*.criminalz.org GTS CA 1P5	`2023-03-01` - `2023-05-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
images.dmca.com R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
*.giphy.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-29` - `2023-12-31`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Frame ID: 52CB3816A0DD42236F9221E2A55E768D
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230327/r20190131/zrt_lookup.html
Frame ID: 8456AA6E1BFF64B955DEBC4D95B11859
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8391435252299972&output=html&adk=85976724&adf=3412083302&lmt=1680082034&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fcriminalz.org%2Fthreads%2Fx158-nordvpn-accounts-uhq-fresh-drop.7464%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680082036169&bpp=9&bdt=915&idt=274&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2579908730104&frm=20&pv=2&ga_vid=1804956442.1680082036&ga_sid=1680082036&ga_hid=196981920&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44777876%2C44759876%2C31071756%2C31073107%2C42531705%2C44786632&oid=2&pvsid=604026424372987&tmod=1132830662&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=301
Frame ID: B0A15F0BAC6A6E8A58D591EB7A126819
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AD058FA9CA3E3DDBAAA155674CC3C59E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD67C23286BC6D81A90558E5395E8DA0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

x158 nordvpn accounts - UHQ FRESH DROP | CriminalZ.Org • Hack Forum

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

83 %
HTTPS

85 %
IPv6

14
Domains

17
Subdomains

14
IPs

2
Countries

19422 kB
Transfer

20746 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dmca.com/Protection/Status.aspx?ID=dd49afdb-8401-41c3-9f15-c41bc161ebf6&refurl=https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/

Search URL Search Domain Scan URL

URL: https://xenforo.com/
Title: Community platform by XenForo® © 2010-2022 XenForo Ltd.

Search URL Search Domain Scan URL

URL: https://www.addonflare.com/
Title: Advanced Forum Stats, Awards System by AddonFlare - Premium XF2 Addons

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/ 48 KB
13 KB 874ms
816ms Document
text/html 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.28 PleskLin

Resource Hash

3ba29aae5b85fb121526533f7c191d296c0f15709bb0febb983d45930525855d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7af7136b4b9d3a4a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 09:27:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Wed, 29 Mar 2023 09:27:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIhO%2FIjifF%2BCJt3jXtP0KwKiCZKOLVparrxXj9C9ljMWyMdAiVLjON2pjGCWUu6ufiDlJe1lVogRQ%2FPjrEhzOH4Jr%2F5%2FLGGK8CS%2FU%2BkA88jt71rppn4rcrZZn0EdDesQTrePvyZbVmgGIMXG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.0.28 PleskLin

GET
H2 200 fa-regular-400.woff2
criminalz.org/styles/fonts/fa/ 165 KB
165 KB 52ms
49ms Font
font/woff2 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://criminalz.org/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Origin: https://criminalz.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2360
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 168768
last-modified: Sun, 12 Jun 2022 19:00:43 GMT
server: cloudflare
etag: "62a637db-29340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aed9YRUSScYWVtbJqTEnsBcWFwTcHL6PzdVxKFZnrqyhvVsThsIrvU%2BdpLbAbR%2FBVDQN%2BvgeGF6YETdUiwxPvZ4UwICQwpLVDBwhvOlH%2FTn8tsUwjVffTTAYHqAP9rSNa8NAml7ZEzG8ZYJc"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 7af713706ac93a4a-FRA

GET
H2 200 fa-solid-900.woff2
criminalz.org/styles/fonts/fa/ 134 KB
134 KB 29ms
27ms Font
font/woff2 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://criminalz.org/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Request headers

Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Origin: https://criminalz.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2360
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 136824
last-modified: Sun, 12 Jun 2022 19:00:43 GMT
server: cloudflare
etag: "62a637db-21678"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DW0ORcBw8cXs%2F9v3S2KO4%2B4%2B%2Bi%2BjD1fkSZ3b2Irr8C1zffyeKMsBQ6XjZLEDr%2FsU1Y0lS8tbDn7XXBVqPpbBkeIwUvYL3J0K25o23T3XwF7cAxWvDIYKXsxEbyu11NEV7DjdDreg30%2B6wFXe"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 7af713706acc3a4a-FRA

GET
H2 200 fa-brands-400.woff2
criminalz.org/styles/fonts/fa/ 75 KB
75 KB 51ms
50ms Font
font/woff2 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://criminalz.org/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Request headers

Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Origin: https://criminalz.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2360
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76740
last-modified: Sun, 12 Jun 2022 19:00:43 GMT
server: cloudflare
etag: "62a637db-12bc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pY%2F2%2Bv4WPXVyD5tBI6vJ%2BbdlLAbZl9oypF2T7zqPKgA1oEUwTZW20%2F%2BCfxl9CcDq4eY8D4jJmIs6Yy%2FH2ExtNpoIoIhHs7uYmo%2FfUgJ%2B9brVJZZckcuudvWKk0D4yvT4LodCOJoqzFHaFgm0"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 7af713706acd3a4a-FRA

GET
H2 200 css.php
criminalz.org/ 449 KB
69 KB 506ms
505ms Stylesheet
text/css 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://criminalz.org/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=4&l=1&d=1679905537&k=2db922ba64726fb26a43a3d5801462c5a1433802

Requested by

Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.28, PleskLin

Resource Hash

da6dd6c4494069e062b941844abc25be1265d8668082d70316254f35aee5ce96

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 27 Mar 2023 08:25:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.28, PleskLin
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4AK7cydRLTBzqBtxNYj8x6j0QtPDZ%2BKPXFM57GRQRjhRy8gzUk%2FO%2BmdpDM%2FholKW7iDnY%2FSFPQlBt1EWl01GUFLEolNTOJ5eJmI0iQlmBmOLGPyEcOGFucUkXyszQo695SixQTQzhGyAhHo"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7af713706aca3a4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 28 Mar 2024 09:27:15 GMT

GET
H2 200 css.php
criminalz.org/ 85 KB
16 KB 513ms
512ms Stylesheet
text/css 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://criminalz.org/css.php?css=public%3Aaf_as_message_postbit.less%2Cpublic%3Aaf_as_user_award_list.less%2Cpublic%3Acarousel.less%2Cpublic%3Alightbox.less%2Cpublic%3Alightslider.less%2Cpublic%3Amessage.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Axc_favicon_for_link.less%2Cpublic%3Aextra.less&s=4&l=1&d=1679905537&k=6ffd7bfdc420e49f5567116d9a4a45c4fd42a0f9

Requested by

Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.28, PleskLin

Resource Hash

f1ba459bd67db3c94cf7f82da8ee1538d50d45cdffa0791dfc71c6ec414f23e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 27 Mar 2023 08:25:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.28, PleskLin
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCV1NI%2F1WPzu8u7mFpZK2nxPA5wPudRQ64TeCoynIoAEeOJA012pvgAo9EW9NjDYUmoepiwRb4UUtDOhNBlwyszjtK%2BWz061vdP5rWln9%2FwT6RPyNo6elJQLFeV6BKOMcgJOz8AuIVd1nJkv"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7af713706acb3a4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 28 Mar 2024 09:27:15 GMT

GET
H2 200 preamble.min.js Show response
criminalz.org/js/xf/ 3 KB
2 KB 50ms
49ms Script
text/javascript 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://criminalz.org/js/xf/preamble.min.js?_v=842047bf
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Dec 2022 08:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2360
etag: W/"63959220-d33"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSBhq0y6JjXCTyY%2Fy1Tkdx3chcBzaRjmeL3gsOJZwcYFRndncCEMCnh8HkfeEP0q%2FU6hLRUMJo5zuGbVzREhr5qFiv0J4mL11vW1Il6B5WcB0o%2BBb%2FKVPipU%2FeZUH61M07nUiF2ElYYQkWE8"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=120
cf-ray: 7af713706acf3a4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
80 KB 87ms
37ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LM3LN2BC9Q

Requested by

Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9757f55f77d9f9012e0a3d6149aed0cfac7700259046a38a3029b839fb717bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81911
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Mar 2023 09:27:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 125ms
71ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8391435252299972

Requested by

Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83c04bfcef6ad06ca1594049b4b638e7b2d2f9f97fe7b0fbf113ba84ac632b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://criminalz.org/
Origin: https://criminalz.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48347
x-xss-protection: 0
server: cafe
etag: 1654766017340044389
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 09:27:15 GMT

GET
H2 200 aos.css
unpkg.com/aos@2.3.1/dist/ 25 KB
2 KB 81ms
27ms Stylesheet
text/css 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.css

Requested by

Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8297281
last-modified: Thu, 17 May 2018 22:11:13 GMT
fly-request-id: 01GMZ25V87HNT8J76G6963HMNN-fra
server: cloudflare
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7af71370bafc2bcd-FRA

GET
H2 200 logo.png
criminalz.org/ 1 MB
1 MB 38ms
37ms Image
image/png 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criminalz.org/logo.png
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c6cfdc405f5a9468faf45ee02e5c1213e98ebf31ebd0af516b3916235efb7504

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2360
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1094689
last-modified: Sun, 12 Jun 2022 19:00:27 GMT
server: cloudflare
etag: "62a637cb-10b421"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEj0UzXlevBxHcc6Tyh%2FTeWODyRS1f40Z5TCrZztBF8AXrthfXGGJnub%2Bka%2BZPUX7bsEVECT8BEGrU%2FPFpCspDM2pmg2PKEu%2BVtmhDx%2BvJy%2FhlsnRejMt9vl41nXfolJu5PyV0KgDpQbPNy%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 7af713708af33a4a-FRA

GET
H2 200 12.gif
criminalz.org/data/addonflare/awardsystem/icons/ 9 KB
10 KB 525ms
524ms Image
image/gif 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criminalz.org/data/addonflare/awardsystem/icons/12.gif?1657090261
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bde1bf5b58657976f6e4e67621f45e89c4f6ecdb8ede254293399097575d0403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 06 Jul 2022 06:51:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c530d5-25fb"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXQKzG0y%2F2eIFAyveTVj1tqErM88CN6%2B7M0LI6G0WUQcfjnLqt2XDhnX%2BggGrSMxqVhbqGAhh8GSpYIdIAa%2BekKtX%2BGSWrxcIbQXz%2Fo%2Fu%2FgxDyPq4BNO4ThTf20qtSMRpDSPPe%2FYgb2%2BgIMT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 7af713708af63a4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9723

GET
H3 200 9.png
criminalz.org/data/addonflare/awardsystem/icons/ 16 KB
16 KB 530ms
530ms Image
image/png 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criminalz.org/data/addonflare/awardsystem/icons/9.png?1657089683
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f1d56d19a1a983fdc18261d1eb69e68bcb948f6b90f7986626d39d7c376e8d25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 06 Jul 2022 06:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c52e93-3ffb"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BcX2C%2BvKeXH229WyXPpU0VxfyvqKyZHYm7SJSc7GMVLzZbCdR%2BAtVv6Bf333Y4hSwhEAQzvOZUHwvVJRIe%2BXCzKZmNMWgW3XxS5%2BN8Rr%2BGo2f2EYwYK13UmLoJnlgNvCKXBY9btL%2BD8fgQy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 7af713716d9d367f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16379

GET
H3 200 8.png
criminalz.org/data/addonflare/awardsystem/icons/ 4 KB
4 KB 598ms
597ms Image
image/png 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criminalz.org/data/addonflare/awardsystem/icons/8.png?1657089411
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d78123ed096a794dc4d454e0499e52ff5d3c2a716aa517106ec0b2c2fffce22e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 06 Jul 2022 06:36:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c52d83-fb2"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aldwKpk1wkRco3ffF2TKcrX7SFh2lKP8%2FWC4D2vEr%2BRiUihFxtl47qj5bmz%2BM5NyMz9kWcLo3U%2F7DlDsMoHoHN5aXs9Domosc6xc1K4IqhzOS8kY4zwVpRPTCrgwNZQHNLjTV17fRUUwT%2Bhs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 7af713716d9e367f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4018

GET
H3 200 2.gif
criminalz.org/data/addonflare/awardsystem/icons/ 2 MB
2 MB 537ms
536ms Image
image/gif 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criminalz.org/data/addonflare/awardsystem/icons/2.gif?1650824203
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 61ba5235fb2a6e68460b41bf92c7def8a4b01fa3b6eed05140f757bda8f95464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 12 Jun 2022 19:00:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62a637bc-1aba6f"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPZQ2aKhlu8vX2nL%2FTGOoiNs0SVxNkOdDdqKF%2BzEYKnjofF%2BcMo3TrHR%2FOmm3I2FJgXPcgYA0UpvQJJ9EekT30hs0YBJJpxLm1R62h9S6chN%2FBMScwvJRI6ZmTKETld%2FwxQvFEzI%2Fm2P4wsz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 7af713716da3367f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1751663

GET
H3 200 1.gif
criminalz.org/data/addonflare/awardsystem/icons/ 34 KB
35 KB 550ms
547ms Image
image/gif 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criminalz.org/data/addonflare/awardsystem/icons/1.gif?1647529912
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fc35ebd3a148ef5689d39753d75047d68c9cf617ffc9b45fec8f2789b5ef4a8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 12 Jun 2022 19:00:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62a637bc-8821"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJG1hRQLqaMrJmrO8ffZNsY2UEJJ6X1ZQMLVkzP8eqYZyUBxgUcqPX4ycKN9%2FbfuEfrOj37LLGZJHd%2BBMTnNrrMgm9fhNUdzCsVj%2FXpuDwxAeY31k1iNrk3TXwKJr07wTRJSL0v0lnsbRGhr"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 7af713717da7367f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34849

GET
H2 200 dmca_protected_sml_120p.png
images.dmca.com/Badges/ 3 KB
3 KB 77ms
23ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca_protected_sml_120p.png?ID=dd49afdb-8401-41c3-9f15-c41bc161ebf6
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 597de317dc8bdf4c96e580f071cc3475c15f427313627639c8867cf3e8f0a9c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
last-modified: Tue, 04 May 2010 23:19:10 GMT
server: Microsoft-IIS/10.0
etag: "2f5e7e33e0ebca1:0"
x-powered-by: ASP.NET
x-hw: 1680082035.cds336.fr8.hn,1680082035.cds055.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/dmca_protected_sml_120p.png>; rel="canonical"
content-length: 2599

GET
H3 200 email-decode.min.js Show response
criminalz.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 26ms
23ms Script
application/javascript 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://criminalz.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 12:31:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6419a395-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cza16Goq7KjKBlQSLrw0oBXVdDsOCwS5uT7eszw6R%2BNb2mKNGIIv%2Fs4nyAnZ6El6diAvO93lecR2tlP5sje8WBoZT6AYaEb2WSBiyJZsYDFhOpcWjVhV2csWq9bQEEbnik%2FgOaRcQmdDEcDa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7af713717dab367f-FRA
expires: Fri, 31 Mar 2023 09:27:15 GMT

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
672 B 74ms
20ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1680082035.cds336.fr8.hn,1680082035.cds057.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 4vp8w9t.png
i.hizliresim.com/ 5 KB
5 KB 84ms
29ms Image
image/jpeg 2606:4700:3038::6815:ea18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.hizliresim.com/4vp8w9t.png
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53fb6a0d206b74934156efe51ba2f9dc67103da05ae1ebb1818efdca7a680069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: B16E69C356377E24
age: 486250
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: RiNer5MUzkcz3J08DEndKlwWX9eR3Jw3w+QKiBR3BihCLKK9XKyXmY+aBqAhM4cSxFsIHRB+Nbdn
last-modified: Thu, 21 Apr 2022 14:21:49 GMT
server: cloudflare
etag: W/"37b66072bbdcabcec01521a7a48096f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlNtaTr3nmOzGgoYYIAY5wMHTwmhfNemobIB97IeokHhUvvs%2FORgBrQ8tjcoNes1j1LpLFRRyhQqoI79pXGx32HiGvk3zUNnuT%2FkcsAdVA%2FX9njiV6KDDPsQre2H3DtHtfYpWsnNmZYr66AsbRJa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
cf-ray: 7af71371ce75371f-FRA
expires: Mon, 27 Mar 2023 11:03:55 GMT

GET
H2 200 aos.js Show response
unpkg.com/aos@2.3.1/dist/ 14 KB
4 KB 41ms
30ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.js

Requested by

Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8297281
last-modified: Thu, 17 May 2018 22:11:13 GMT
fly-request-id: 01GMZ25VF6EH3S1K3WGJ9FR3C4-fra
server: cloudflare
etag: W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7af713718c0c2bcd-FRA

GET
H3 200 jquery-3.5.1.min.js Show response
criminalz.org/js/vendor/jquery/ 87 KB
32 KB 33ms
31ms Script
text/javascript 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://criminalz.org/js/vendor/jquery/jquery-3.5.1.min.js?_v=842047bf
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 12 Jun 2022 19:00:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6591
etag: W/"62a637cb-15d84"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9h5byBbWAA806epckc1RGsGYJR1WG4xU8sj6x2nB7joBDyGmtPSIIL6DPMZ8d4IeatKHYxVre8yqYZ9rMMWbn8clIN9Xr0LfXhwfMEmwEBDOeSRlcR6pvUoW%2Ffl5GTfIBULJdfhGURAAfcmU"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=120
cf-ray: 7af713717dac367f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 vendor-compiled.js Show response
criminalz.org/js/vendor/ 42 KB
13 KB 89ms
86ms Script
text/javascript 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://criminalz.org/js/vendor/vendor-compiled.js?_v=842047bf
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3195
cf-polished: origSize=43704
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 12 Jun 2022 19:00:27 GMT
server: cloudflare
etag: W/"62a637cb-aab8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVay487z3FjZ%2F291NEkeb13E8M%2F5PzmpvtfvjGf%2BojR5fSnOHHz2GhFto9xOeRwukgbuLbgTwPf8X2fxDKxofclhoIlXy1793WpKHsJQH7%2FS%2BXPNVAHnwM5txtk5XQvpjli%2Bc9pktD4tZYZj"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=120
cf-ray: 7af713717dad367f-FRA

GET
H3 200 core-compiled.js Show response
criminalz.org/js/xf/ 209 KB
61 KB 49ms
46ms Script
text/javascript 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://criminalz.org/js/xf/core-compiled.js?_v=842047bf
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: abedeb2dbbfa0642370887c7fd082a1774f4e1f8129a4d9adba2908fe9e8b4d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6591
cf-polished: origSize=213917
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 11 Dec 2022 08:17:36 GMT
server: cloudflare
etag: W/"63959220-3439d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIrQbj2QACiXghtndYzCOPy9Di8QPdh7rceXgI6pO1h8Ie%2FH%2FNVE80mKmrlrZ2oA0nm3FvJw04nKAwSBMI1B8XhpUG5aZRwPuP074%2FCLnJVJ8dO7ndcsgt63bDX2EDA2GOhK3BO%2BjZN87PPn"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=120
cf-ray: 7af713717daf367f-FRA

GET
H3 200 carousel-compiled.js Show response
criminalz.org/js/xf/ 17 KB
6 KB 29ms
27ms Script
text/javascript 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://criminalz.org/js/xf/carousel-compiled.js?_v=842047bf
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 604fa40d66f203615cd302ea9d5d82099cc90aa53c5aa60fc7b08741e07da60a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6559
cf-polished: origSize=17050
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 12 Jun 2022 19:00:27 GMT
server: cloudflare
etag: W/"62a637cb-429a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8nuf7LUY2DVaol3XYuWMEA3cwtjrhSoCdOsePdZB5qCK05qIkbbUFAPojugR8aKSdpenzape83vmC0lL3OqcQCHKSmJyt5tbGJNSkAJOtjt5vx3Ot95UYZDLrU5%2FU0ZkEzEFBtUISpOUby7"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=120
cf-ray: 7af713717db0367f-FRA

GET
H3 200 lightbox-compiled.js Show response
criminalz.org/js/xf/ 80 KB
26 KB 94ms
91ms Script
text/javascript 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://criminalz.org/js/xf/lightbox-compiled.js?_v=842047bf
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5fcfb74ca9dc3f7ebdf97b04b4e1daf040621b51527e1424e8cbd3c67370c924

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6538
cf-polished: origSize=82180
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 12 Jun 2022 19:00:27 GMT
server: cloudflare
etag: W/"62a637cb-14104"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bxC5eNMJgHVBnVaxUI5XuWn5rLCsbQgkdy76liTc54YT2jR0HWXirz0TNmpIhwUN5DdeyL7Hzedze2e%2FwKRtkCtZRGO1TQq48UYuV4H43xg5O%2B0FhtrVg0FBJU8Jg%2BOA167dw7WyMmk%2FgDe"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=120
cf-ray: 7af713717db2367f-FRA

GET
H3 200 faviconforlink.js Show response
criminalz.org/js/xenconcept/faviconforlink/ 419 B
828 B 32ms
30ms Script
text/javascript 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://criminalz.org/js/xenconcept/faviconforlink/faviconforlink.js?_v=842047bf
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f216fc9a616c7af2d279ecfdfd851c75badaab21fbdbd2f90e0b5e54e7eb9bd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6591
cf-polished: origSize=638
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 12 Jun 2022 19:00:27 GMT
x-accel-version: 0.01
server: cloudflare
etag: W/"27e-5e144c8d548c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viw9H%2FCtJQRAXDnw89P6IrZjSZ0ZNpoF26grUnVgunSg72raCuurOhO8bJv%2FbewKsXBSJ%2FSnHkghwNFeE4CEBro09MwpkON%2F2m9dE2Zdan9bHwGyMLZqRd5NSIwO0s40dTHbXwx66QmosWxV"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=120
cf-ray: 7af713717db3367f-FRA

GET
H3 200 notice.min.js Show response
criminalz.org/js/xf/ 4 KB
2 KB 50ms
40ms Script
text/javascript 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://criminalz.org/js/xf/notice.min.js?_v=842047bf
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Dec 2022 08:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6591
etag: W/"63959220-e4e"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0NMZG1j6poxn9Pe8goN%2BgvZs%2Feq0xHE29hRSkThy6SpNhiLW1XaAjy9zzRc%2Bvuc35NUaJyp2tqyPW5ZxVWtMG5P0bR%2FMvwiOnHtFOzYUW6RjgI9g9a3zdd7SZZq22xw1LJzpCR8jwGf6hG0"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=120
cf-ray: 7af713718dc0367f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303230101/ 350 KB
117 KB 129ms
88ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8391435252299972&plah=criminalz.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8391435252299972

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e03142106d690dacb699cb4d07e9fe2249dd0702c7031a5ccd1cf52f6279790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119862
x-xss-protection: 0
server: cafe
etag: 6458401352576388536
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 09:27:16 GMT

GET
H2 200 cohdxff.jpg
i.hizliresim.com/ 81 KB
81 KB 28ms
28ms Image
image/jpeg 2606:4700:3038::6815:ea18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.hizliresim.com/cohdxff.jpg
Requested by: Host: criminalz.org
URL: https://criminalz.org/css.php?css=public%3Aaf_as_message_postbit.less%2Cpublic%3Aaf_as_user_award_list.less%2Cpublic%3Acarousel.less%2Cpublic%3Alightbox.less%2Cpublic%3Alightslider.less%2Cpublic%3Amessage.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Axc_favicon_for_link.less%2Cpublic%3Aextra.less&s=4&l=1&d=1679905537&k=6ffd7bfdc420e49f5567116d9a4a45c4fd42a0f9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad8c44416e55b0eb518b72e52f6ff5ffe612cea34db8dd70e02f6fda25e4cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4A678682655B1711
age: 352571
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Zao0/LK4YeOfnMTeR78LOtkQOcTXl5EZoMsmQakFgTgOValhMPpqkB9e1Nd38ZaEqSn73z4kGmS1
last-modified: Tue, 04 Oct 2022 17:26:24 GMT
server: cloudflare
etag: W/"c25d4e572edd06eab93b7b98bebbcab2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWTbE9hLWr9x9XYwVfnbqUcn04QVmvA4R21djYlsz%2FdLVJpnVdLpg3sBaM340Gx8SEKjZx2DOCMMu4et8hwOpB%2F9ts83sM4t4N7Yvibhm91GiJhyB%2B36J86TuzUOzmmYKRmG3ECS%2BRt3OQ5D0KIe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
cf-ray: 7af713762c58371f-FRA
expires: Mon, 20 Mar 2023 02:41:05 GMT

GET
H2 200 giphy.gif
media3.giphy.com/media/jmS6emKfUZXbO88P00/ 14 MB
14 MB 74ms
18ms Image
image/gif 199.232.194.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media3.giphy.com/media/jmS6emKfUZXbO88P00/giphy.gif?cid=ecf05e47quhndnlgsxgx1zjhklk9koj94ys1x608rma2mxdu&rid=giphy.gif&ct=g

Requested by

Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1eb268dc9ab18fc59c30fa333e5ba15c01228e59e0b34bbf3f8b28744f585a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:16 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15465600
age: 881973
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 14683140
x-served-by: cache-iad-kiad7000087-IAD, cache-hhn-etou8220036-HHN
last-modified: Sun, 01 Dec 2019 17:52:41 GMT
x-timer: S1680082036.238980,VS0,VE1
etag: "e07d4f740b5a5eee3d13153f077249ff-3"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1200, 0

GET
H2 200 100.webp
media4.giphy.com/media/YpE77hb96oR0NssFTk/ 634 KB
635 KB 73ms
18ms Image
image/webp 199.232.194.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media4.giphy.com/media/YpE77hb96oR0NssFTk/100.webp

Requested by

Host: criminalz.org
URL: https://criminalz.org/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=4&l=1&d=1679905537&k=2db922ba64726fb26a43a3d5801462c5a1433802

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3d2c5f711e5a9378d80597844f532e0ef3b7ba5b0d2e05cd8dacdcf84c228148

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:16 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15465600
age: 702777
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 649438
x-served-by: cache-iad-kcgs7200070-IAD, cache-hhn-etou8220039-HHN
last-modified: Fri, 13 May 2022 22:29:41 GMT
x-timer: S1680082036.238273,VS0,VE1
etag: "f4436689bdb5fa270579379c9cdb4a94"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 282, 1

GET 26_1643844647.png
hackforums.net/uploads/crews/userbars/ 0
0

GET 52a5e4b477544489ed718d0dacb3076964cb1eb5.png
archive.is/50Ttu/ 0
0

GET e274e4d58752b7056a508259b5710d0772aa1ab3.png
archive.is/50Ttu/ 0
0

GET 198b13fdaa53c2d9c0a7ee4c0de97fd0bade2b9b.png
archive.is/50Ttu/ 0
0

GET e40c04b6441431709e1f08faba7e6deed308418c.png
archive.is/50Ttu/ 0
0

GET e440e25a10d753a0d99381af57e84131dc4c391b.png
archive.is/50Ttu/ 0
0

GET 199ef78286ebd5cf6b5935b3334b721ac289ffd8.png
archive.is/50Ttu/ 0
0

GET a5271e15baf45d4571347895a85a87969c4fdf2a.png
archive.is/50Ttu/ 0
0

GET 4251391cb390904950b193e1050ee4b6d40a1ef5.png
archive.is/50Ttu/ 0
0

GET 2e5d6eb21ac24718a890a90e6ea89386b5ec6604.png
archive.is/50Ttu/ 0
0

GET
H3 200 fa-duotone-900.woff2
criminalz.org/styles/fonts/fa/ 178 KB
178 KB 28ms
27ms Font
font/woff2 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://criminalz.org/styles/fonts/fa/fa-duotone-900.woff2?_v=5.15.3
Requested by: Host: criminalz.org
URL: https://criminalz.org/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=4&l=1&d=1679905537&k=2db922ba64726fb26a43a3d5801462c5a1433802
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3b5176bfadbb42740a51a8defa97dd393a2615dc1bffdcf333ac9d131893817d

Request headers

Referer: https://criminalz.org/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=4&l=1&d=1679905537&k=2db922ba64726fb26a43a3d5801462c5a1433802
Origin: https://criminalz.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6539
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 181948
last-modified: Sun, 12 Jun 2022 19:00:43 GMT
server: cloudflare
etag: "62a637db-2c6bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOBm2VPOaDQPO43D%2FdOuXGsi3OaM1GwVRiIipamU3O0OwPibXag5YB1szhPLuDq9TJKZknZiBP2zVRDCLT6HKDm0INa2EG23FGMFY66dEJwiPhP9r9d0qrhJHOG02T4PgbGHTNAJ6S2mXHUW"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 7af713762c1f367f-FRA

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230327/r20190131/ Frame 8456 10 KB
5 KB 70ms
18ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230327/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8391435252299972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://criminalz.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 17:50:04 GMT
etag: 2378337311435320485
expires: Tue, 11 Apr 2023 17:50:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6.jpg
criminalz.org/data/avatars/m/0/ 3 KB
4 KB 485ms
482ms Image
image/jpeg 2606:4700:3031::ac43:d334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criminalz.org/data/avatars/m/0/6.jpg?1657713686
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6a1386470d474f0de01c282c62ccdc894d49f9d0a91571201a894e5c101860d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:16 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Jul 2022 12:01:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62ceb417-d9f"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4EOFXgeURfaUlDxtREfsc6XmgbtzLcFmy7pd%2FdwDF%2BTNSKrLONokLY3ubRY1H1P%2F1NqRMJUqlhE2BETqKfaxSK9udI2MduCFlb72bjoen%2FrB1cIYi4F41ODwyz04am0EswMyydh8q9BhIHr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 7af713765c62367f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3487

GET
H3 200 qc3n7k8.gif
i.hizliresim.com/ 408 KB
409 KB 34ms
31ms Image
image/jpeg 2606:4700:3038::6815:ea18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.hizliresim.com/qc3n7k8.gif
Requested by: Host: criminalz.org
URL: https://criminalz.org/threads/x158-nordvpn-accounts-uhq-fresh-drop.7464/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dd751174b49423670c7af608f350728b31702aa7c6e3272b85ca4f0ead759c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2F7D4971ABD511BE
age: 189227
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: mIuhdY/g4E6luCzYcpS7TLORlYIIdLc9jIKbb3KSjHtY7p5blvaCcuf8t+XCtpZNsZplEDqN29Zm
last-modified: Sun, 24 Apr 2022 18:12:40 GMT
server: cloudflare
etag: W/"b3202f0a6728f1e45d08aefa495bb057"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubzRwanOvV3oduBVhZF8ZxfKvkgCj%2FLQPj%2F7vbvPMb%2BdYuNYdgmvzd7oLVOV9HLU2sW8vgcoWijGHkOGKS4mEEADhWpvP5z3adElpHzrMCw932ZeCh0qyJg5e3YF8n%2Beg8tdiKQgwcQ6vMkvDvfl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
cf-ray: 7af713765af25bf9-FRA
expires: Mon, 03 Apr 2023 02:44:27 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 77ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LM3LN2BC9Q&gtm=45je33r0&_p=196981920&cid=1804956442.1680082036&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680082036&sct=1&seg=0&dl=https%3A%2F%2Fcriminalz.org%2Fthreads%2Fx158-nordvpn-accounts-uhq-fresh-drop.7464%2F&dt=x158%20nordvpn%20accounts%20-%20UHQ%20FRESH%20DROP%20%7C%20CriminalZ.Org%20%E2%80%A2%20Hack%20Forum&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LM3LN2BC9Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 09:27:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://criminalz.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 013637d8ecd06ea1d8c4b9a81965b854a0c2bd46a95ff500c9a9eeeeea5a637f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
464 B 36ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=criminalz.org&callback=_gfp_s_&client=ca-pub-8391435252299972

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8391435252299972&plah=criminalz.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f417790edf960556c1a065ef8be1c9fd372350037ab49a074caec3d1ec3578d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 96ms
27ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=criminalz.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 81ms
27ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=criminalz.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B0A1 603 B
239 B 55ms
54ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8391435252299972&output=html&adk=85976724&adf=3412083302&lmt=1680082034&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fcriminalz.org%2Fthreads%2Fx158-nordvpn-accounts-uhq-fresh-drop.7464%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680082036169&bpp=9&bdt=915&idt=274&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2579908730104&frm=20&pv=2&ga_vid=1804956442.1680082036&ga_sid=1680082036&ga_hid=196981920&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44777876%2C44759876%2C31071756%2C31073107%2C42531705%2C44786632&oid=2&pvsid=604026424372987&tmod=1132830662&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=301

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://criminalz.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 09:27:16 GMT
expires: Wed, 29 Mar 2023 09:27:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 68ms
67ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230327&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f3a34791fd10aa6838aefcf6834aa848541bf30756e9ab4256e3570f7fc99a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11141
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 178ms
30ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Mar 2023 09:27:17 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AD05 13 KB
5 KB 19ms
18ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://criminalz.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1963
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 08:54:34 GMT
expires: Thu, 28 Mar 2024 08:54:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DD67 783 B
1 KB 85ms
30ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0eeb2e81920bac674321da6ce0953f6887761cd8f0949e27eb56c82b4b20f70f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MbM_b_uu1yvm3u2CvHvYow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://criminalz.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-MbM_b_uu1yvm3u2CvHvYow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 09:27:17 GMT
expires: Wed, 29 Mar 2023 09:27:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js Show response
pagead2.googlesyndication.com/bg/ Frame AD05 36 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 06:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14115
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Mar 2024 06:37:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DD67 0
0 53ms
52ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230327&jk=604026424372987&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AD05 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Tm0OJQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:27:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230327&jk=604026424372987&bg=!dXaldiLNAAbO2UOH7tk7ADkAdvg8Ws4ttVW-71G80CjfawCfY0UaAA2tHEHp55P-ZyvAv_bRnKbYeIEDQpJ3Ru9aXuTSlj5ilVICAAAAUVIAAAACaAEHCgB1yFNDPZhO22NnZOEVCzZXPC0f0pm-02O6q2RcbxSoLD3EAd7kEtBXKSMgJQxFUGuo8pnBsKuyT4KX9UASzs8dtuQtZNYSS6ER1sp18Td9ZhduHNJumXsP4ZmbiZpeBFThwHjlxCH-YC24RLkTFhFWkXe-sbeVmQKz-Xb4zxilOwyEJ73D_cjtDghLyzZf8SWoH1Y_IBgl5u8uoZCwYqvgKprWXSFsvNDObl1TMcDdt7SF65Mj68TMDC6OLFRPEUwj01FZGfP83LMPiqLBPECLfhGI1tvfyfY5_nKppHXLbCAi1LGpsU4MQJH6Axo5XEEXUv9z2ReijGOM0AnOLAZpCIKzZO5ac_oTbgEOJ7rburdzYyFAe_2ejHPUL-BI4lAHbchDZyGx6UxU7plbIOL0-kZxm9sfTALimIBTCzWJmT6snmiB4TuJQSzcrUCXm6U5aJ2RZRSIdnHRWrVN1u9CuiWJOBRGmrZXhX0vLcSIsYRPWJggRQefApgR0HAVkEDvqinLi8JHs93yFvou1Z5eqKUN7Q31L2DBnr2XjMv_eYdw_J24jsio3o6ks9IqL8NaB6dhBNZ0x1V8JDnmhMiuAM2Nu1vURkjH3qCaebyEJagi2amYK50vDe69HYO2s0feqFQVVTmba5827wzlobLKtiXChN0XIVosi3K45wvvI-74K94BKe--XcaUzs_IjdbHxwLxpJkyNmv9RiUc3GaQv8RmPNNWzFXB7_X0leggEcvtRuzjaULOK_UmdWMl6vaG0BZU2mX3oghkhSd3rpzYn6Oyxpl5rQGmwyoT4euYhh_Y6lzs4lY2I6lXq1TnYmyvaazW9PMgIdSx5Lri0c3iJ0KtlpI0TkCu7upbcU_wp-VR0skHhhOX3eWZ43KKx9V1GN_G7u0KPHfsei9-TCxtwVyuwcKZYVCKUxyknBLlCYO9ejXvtpx1Th-OclAFPTeCy27a6daGz3fXBlObr5vDnb3hDuCUh3BRO2IEx5QNL50tj2xUp-hBWc2RE2r9QE-TBPSCLl3EfLYVA1tHBWtadRQdo5T_2W3H0A-iUPB8ZN4SMmC1BHT0myqWZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://criminalz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hackforums.net
URL: https://hackforums.net/uploads/crews/userbars/26_1643844647.png

Domain: archive.is
URL: https://archive.is/50Ttu/52a5e4b477544489ed718d0dacb3076964cb1eb5.png

Domain: archive.is
URL: https://archive.is/50Ttu/e274e4d58752b7056a508259b5710d0772aa1ab3.png

Domain: archive.is
URL: https://archive.is/50Ttu/198b13fdaa53c2d9c0a7ee4c0de97fd0bade2b9b.png

Domain: archive.is
URL: https://archive.is/50Ttu/e40c04b6441431709e1f08faba7e6deed308418c.png

Domain: archive.is
URL: https://archive.is/50Ttu/e440e25a10d753a0d99381af57e84131dc4c391b.png

Domain: archive.is
URL: https://archive.is/50Ttu/199ef78286ebd5cf6b5935b3334b721ac289ffd8.png

Domain: archive.is
URL: https://archive.is/50Ttu/a5271e15baf45d4571347895a85a87969c4fdf2a.png

Domain: archive.is
URL: https://archive.is/50Ttu/4251391cb390904950b193e1050ee4b6d40a1ef5.png

Domain: archive.is
URL: https://archive.is/50Ttu/2e5d6eb21ac24718a890a90e6ea89386b5ec6604.png

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
criminalz.org/	1969-12-31 23:59:59	Name: xf_csrf Value: 1QA11WOVMQd8Skxf
.criminalz.org/	1970-01-20 20:17:22	Name: _ga_LM3LN2BC9Q Value: GS1.1.1680082036.1.0.1680082036.0.0.0
.criminalz.org/	1970-01-20 20:17:22	Name: _ga Value: GA1.1.1804956442.1680082036
.criminalz.org/	1970-01-20 20:02:58	Name: __gads Value: ID=d3af06ee58e5d5d1-221080d572dd0014:T=1680082036:RT=1680082036:S=ALNI_MbGVD0AZPREDxbDdCxpisvVX9cD9A
.criminalz.org/	1970-01-20 20:02:58	Name: __gpi Value: UID=00000579d2240414:T=1680082036:RT=1680082036:S=ALNI_MZ0WT0htGyavhtSCl-M2ZcyOXQMTQ
.doubleclick.net/	1970-01-20 10:41:22	Name: test_cookie Value: CheckForPermission

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://archive.is/50Ttu/52a5e4b477544489ed718d0dacb3076964cb1eb5.png Message: Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH
network	error	URL: https://archive.is/50Ttu/e274e4d58752b7056a508259b5710d0772aa1ab3.png Message: Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH
network	error	URL: https://archive.is/50Ttu/198b13fdaa53c2d9c0a7ee4c0de97fd0bade2b9b.png Message: Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH
network	error	URL: https://archive.is/50Ttu/e40c04b6441431709e1f08faba7e6deed308418c.png Message: Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH
network	error	URL: https://archive.is/50Ttu/e440e25a10d753a0d99381af57e84131dc4c391b.png Message: Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH
network	error	URL: https://archive.is/50Ttu/199ef78286ebd5cf6b5935b3334b721ac289ffd8.png Message: Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH
network	error	URL: https://hackforums.net/uploads/crews/userbars/26_1643844647.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://archive.is/50Ttu/a5271e15baf45d4571347895a85a87969c4fdf2a.png Message: Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH
network	error	URL: https://archive.is/50Ttu/4251391cb390904950b193e1050ee4b6d40a1ef5.png Message: Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH
network	error	URL: https://archive.is/50Ttu/2e5d6eb21ac24718a890a90e6ea89386b5ec6604.png Message: Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
archive.is
criminalz.org
googleads.g.doubleclick.net
hackforums.net
i.hizliresim.com
images.dmca.com
media3.giphy.com
media4.giphy.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
unpkg.com
www.google.com
www.googletagmanager.com
archive.is
hackforums.net
151.139.128.10
199.232.194.2
2001:4860:4802:34::36
2606:4700:3031::ac43:d334
2606:4700:3038::6815:ea18
2606:4700::6810:7eaf
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2008
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
013637d8ecd06ea1d8c4b9a81965b854a0c2bd46a95ff500c9a9eeeeea5a637f
0dd751174b49423670c7af608f350728b31702aa7c6e3272b85ca4f0ead759c6
0eeb2e81920bac674321da6ce0953f6887761cd8f0949e27eb56c82b4b20f70f
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1eb268dc9ab18fc59c30fa333e5ba15c01228e59e0b34bbf3f8b28744f585a1d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3b5176bfadbb42740a51a8defa97dd393a2615dc1bffdcf333ac9d131893817d
3ba29aae5b85fb121526533f7c191d296c0f15709bb0febb983d45930525855d
3d2c5f711e5a9378d80597844f532e0ef3b7ba5b0d2e05cd8dacdcf84c228148
3f3a34791fd10aa6838aefcf6834aa848541bf30756e9ab4256e3570f7fc99a6
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
53fb6a0d206b74934156efe51ba2f9dc67103da05ae1ebb1818efdca7a680069
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597de317dc8bdf4c96e580f071cc3475c15f427313627639c8867cf3e8f0a9c0
5fcfb74ca9dc3f7ebdf97b04b4e1daf040621b51527e1424e8cbd3c67370c924
604fa40d66f203615cd302ea9d5d82099cc90aa53c5aa60fc7b08741e07da60a
61ba5235fb2a6e68460b41bf92c7def8a4b01fa3b6eed05140f757bda8f95464
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a1386470d474f0de01c282c62ccdc894d49f9d0a91571201a894e5c101860d8
7e03142106d690dacb699cb4d07e9fe2249dd0702c7031a5ccd1cf52f6279790
83c04bfcef6ad06ca1594049b4b638e7b2d2f9f97fe7b0fbf113ba84ac632b5d
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
9757f55f77d9f9012e0a3d6149aed0cfac7700259046a38a3029b839fb717bc8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b
abedeb2dbbfa0642370887c7fd082a1774f4e1f8129a4d9adba2908fe9e8b4d3
b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d
bde1bf5b58657976f6e4e67621f45e89c4f6ecdb8ede254293399097575d0403
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
c6cfdc405f5a9468faf45ee02e5c1213e98ebf31ebd0af516b3916235efb7504
c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cad8c44416e55b0eb518b72e52f6ff5ffe612cea34db8dd70e02f6fda25e4cd2
d78123ed096a794dc4d454e0499e52ff5d3c2a716aa517106ec0b2c2fffce22e
da6dd6c4494069e062b941844abc25be1265d8668082d70316254f35aee5ce96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1
f1ba459bd67db3c94cf7f82da8ee1538d50d45cdffa0791dfc71c6ec414f23e6
f1d56d19a1a983fdc18261d1eb69e68bcb948f6b90f7986626d39d7c376e8d25
f216fc9a616c7af2d279ecfdfd851c75badaab21fbdbd2f90e0b5e54e7eb9bd8
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f417790edf960556c1a065ef8be1c9fd372350037ab49a074caec3d1ec3578d0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc35ebd3a148ef5689d39753d75047d68c9cf617ffc9b45fec8f2789b5ef4a8e

criminalz.org Open in urlscan Pro 2606:4700:3031::ac43:d334 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

83 %HTTPS

85 %IPv6

14 Domains

17 Subdomains

14 IPs

2 Countries

19422 kBTransfer

20746 kBSize

6 Cookies

3 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

criminalz.org Open in urlscan Pro
2606:4700:3031::ac43:d334 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

83 %
HTTPS

85 %
IPv6

14
Domains

17
Subdomains

14
IPs

2
Countries

19422 kB
Transfer

20746 kB
Size

6
Cookies

59 HTTP transactions
2 data transactions