r0s.jcink.net Open in urlscan Pro
104.161.46.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://r0s.jcink.net/
Submission: On October 16 via api (October 16th 2023, 4:09:44 pm UTC) from US — Scanned from DE

Summary HTTP 79 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 32 domains to perform 79 HTTP transactions. The main IP is 104.161.46.138, located in Phoenix, United States and belongs to IOFLOOD, US. The main domain is r0s.jcink.net.

This is the only time r0s.jcink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	104.161.46.138 104.161.46.138	53755 (IOFLOOD) (IOFLOOD)
10	108.5.85.87 108.5.85.87	701 (UUNET) (UUNET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:100:6022... 2620:100:6022:15::a27d:420f	19679 (DROPBOX) (DROPBOX)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2 2	71.19.144.37 71.19.144.37	47066 (PRGMR) (PRGMR)
2	2a02:26f0:350... 2a02:26f0:3500:18::1724:a297	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	74.120.188.204 74.120.188.204	22300 (FANDOM) (FANDOM)
4	75.98.175.98 75.98.175.98	55293 (A2HOSTING) (A2HOSTING)
1	151.101.64.241 151.101.64.241	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:d::1737:6eab	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.0.77.3 192.0.77.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	2606:4700:303... 2606:4700:3034::ac43:bad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	143.204.98.75 143.204.98.75	16509 (AMAZON-02) (AMAZON-02)
1	54.235.245.12 54.235.245.12	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
2 2	212.63.223.240 212.63.223.240	50827 (SPACEDUMP...) (SPACEDUMP-SPLIT-AS)
2	212.63.223.225 212.63.223.225	30880 (SPACEDUMP...) (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223c:e800:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
79	34

4 104.161.46.138 (Phoenix, United States)

ASN53755 (IOFLOOD, US)
PTR: s3.jcink.net

r0s.jcink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.b1.jcink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 108.5.85.87 (Oradell, United States)

ASN701 (UUNET, US)
PTR: pool-108-5-85-87.nwrknj.fios.verizon.net

files.jcink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:6022:15::a27d:420f (United States) 1 redirects

ASN19679 (DROPBOX, US)

dl.dropbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dl.dropboxusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 71.19.144.37 (Santa Clara, United States) 2 redirects

ASN47066 (PRGMR, US)
PTR: mcc.xen.prgmr.com

sig.grumpybumpers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:18::1724:a297 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.120.188.204 (Frankfurt am Main, Germany)

ASN22300 (FANDOM, US)

vignette.wikia.nocookie.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 75.98.175.98 (United States)

ASN55293 (A2HOSTING, US)
PTR: mi3-ss113.a2hosting.com

agreeordie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.241 (United States)

ASN54113 (FASTLY, US)

rlv.zcache.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

media.tenor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:d::1737:6eab (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

steamuserimages-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

64.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:bad8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

placehold.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-75.fra50.r.cloudfront.net

www.placeholder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.245.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-245-12.compute-1.amazonaws.com

via.placeholder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

rpgrating.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

cdn.ebaumsworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.63.223.240 (Sweden) 2 redirects

ASN50827 (SPACEDUMP-SPLIT-AS, SE)

i.imgbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.63.223.225 (Sweden)

ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE)

images3.imgbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:e800:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	jcink.net r0s.jcink.net files.jcink.net — Cisco Umbrella Rank: 882352	69 KB
11	criteo.net static.criteo.net — Cisco Umbrella Rank: 728 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9717 csm.eu.criteo.net — Cisco Umbrella Rank: 9249	76 KB
9	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4217	31 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	203 KB
5	nocookie.net vignette.wikia.nocookie.net — Cisco Umbrella Rank: 27736	23 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	19 KB
4	imgbox.com 2 redirects i.imgbox.com — Cisco Umbrella Rank: 268430 images3.imgbox.com — Cisco Umbrella Rank: 275010	9 KB
4	agreeordie.com agreeordie.com	225 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9209 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10275 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15502	58 KB
2	placeholder.com 1 redirects www.placeholder.com — Cisco Umbrella Rank: 76138 via.placeholder.com — Cisco Umbrella Rank: 30770	824 B
2	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 1997	119 KB
2	grumpybumpers.com 2 redirects sig.grumpybumpers.com — Cisco Umbrella Rank: 751703	514 B
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405 fonts.googleapis.com — Cisco Umbrella Rank: 49	31 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	5 KB
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2167	582 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	59 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	601 B
1	jcink.com files.b1.jcink.com	1 KB
1	ebaumsworld.com cdn.ebaumsworld.com — Cisco Umbrella Rank: 156075	638 KB
1	rpgrating.com rpgrating.com	4 KB
1	placehold.it 1 redirects placehold.it — Cisco Umbrella Rank: 54971	679 B
1	tumblr.com 64.media.tumblr.com — Cisco Umbrella Rank: 13353	804 KB
1	akamaihd.net steamuserimages-a.akamaihd.net — Cisco Umbrella Rank: 21748	930 KB
1	tenor.com media.tenor.com — Cisco Umbrella Rank: 7077	2 MB
1	zcache.com rlv.zcache.com — Cisco Umbrella Rank: 61848	54 KB
1	dropboxusercontent.com dl.dropboxusercontent.com — Cisco Umbrella Rank: 18757
1	dropbox.com 1 redirects dl.dropbox.com — Cisco Umbrella Rank: 56205	315 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	4 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1183	11 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 925	33 KB
0	dashflo.net Failed disweb.dashflo.net Failed
0	enacademic.com Failed enacademic.com Failed
79	32

	Domain	Requested by
10	files.jcink.net	r0s.jcink.net
9	static.addtoany.com	r0s.jcink.net static.addtoany.com
8	static.criteo.net	ads.eu.criteo.com
5	vignette.wikia.nocookie.net	r0s.jcink.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	agreeordie.com	r0s.jcink.net
4	pagead2.googlesyndication.com	r0s.jcink.net pagead2.googlesyndication.com www.googletagservices.com
3	r0s.jcink.net	r0s.jcink.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	tpc.googlesyndication.com	googleads.g.doubleclick.net
2	images3.imgbox.com	r0s.jcink.net
2	i.imgbox.com	2 redirects
2	i.pinimg.com	r0s.jcink.net
2	sig.grumpybumpers.com	2 redirects
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	imageproxy.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	files.b1.jcink.com	r0s.jcink.net
1	cdn.ebaumsworld.com	r0s.jcink.net
1	rpgrating.com	r0s.jcink.net
1	via.placeholder.com	r0s.jcink.net
1	www.placeholder.com	1 redirects
1	placehold.it	1 redirects
1	64.media.tumblr.com	r0s.jcink.net
1	steamuserimages-a.akamaihd.net	r0s.jcink.net
1	media.tenor.com	r0s.jcink.net
1	rlv.zcache.com	r0s.jcink.net
1	fonts.googleapis.com	r0s.jcink.net
1	dl.dropboxusercontent.com	r0s.jcink.net
1	dl.dropbox.com	1 redirects
1	cdn.jsdelivr.net	r0s.jcink.net
1	maxcdn.bootstrapcdn.com	r0s.jcink.net
1	ajax.googleapis.com	r0s.jcink.net
1	code.jquery.com	r0s.jcink.net
0	disweb.dashflo.net Failed	cdn.jsdelivr.net
0	enacademic.com Failed	r0s.jcink.net
79	41

This site contains links to these domains. Also see Links.

Domain
rpgrating.com
www.invisionboard.com
jcink.com
www.invisionpower.com
www.addtoany.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
jcink.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.wikia.nocookie.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-02` - `2024-03-04`	a year	crt.sh
agreeordie.com cPanel, Inc. Certification Authority	`2023-08-15` - `2023-11-13`	3 months	crt.sh
i2.pinimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-03` - `2024-05-15`	a year	crt.sh
rlv.zcache.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-09-25`	a year	crt.sh
c.tenor.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.media.tumblr.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-29` - `2024-01-29`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://r0s.jcink.net/
Frame ID: 87672D95DCE62AA824EBDA2AE127F548
Requests: 52 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 6CC31BDB8420085EE6E5E8D420692CAD
Requests: 1 HTTP requests in this frame

Frame: http://r0s.jcink.net/sb_iframe.php?step=D2
Frame ID: 13021EB43BC33456E1E22E55DD558953
Requests: 1 HTTP requests in this frame

Frame: https://disweb.dashflo.net/channels/745056077057622189/745056077057622189?api=02e9b846-4512-4beb-adf0-317d7da5ca11
Frame ID: 8F183975D9B7F7C148A2901ACDFE402D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 93364FD6EFA85B1B9EB9AF38A28A1AE7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=2583790460&adf=592325212&w=468&lmt=1697465378&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=http%3A%2F%2Fr0s.jcink.net%2F&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&dt=1697472578098&bpp=218&bdt=845&idt=527&shv=r20231011&mjsv=m202310100101&ptt=5&saldr=sd&abxe=1&correlator=4314921655485&frm=20&pv=2&ga_vid=1846418421.1697472579&ga_sid=1697472579&ga_hid=543588091&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078593%2C44805113%2C44805919%2C31078773&oid=2&pvsid=1949286255135703&tmod=550876855&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HWu43xpuj8&p=http%3A//r0s.jcink.net&dtd=557
Frame ID: BCA3179A177805391F42CDAA1503C069
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&adk=1812271804&adf=3025194257&lmt=1697465378&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&channel=7887076200&format=0x0&url=http%3A%2F%2Fr0s.jcink.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&ascmds=1&dt=1697472578341&bpp=2&bdt=1088&idt=328&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60_as&nras=1&correlator=4314921655485&pv_ch=7887076200%2B&frm=20&pv=1&ga_vid=1846418421.1697472579&ga_sid=1697472579&ga_hid=543588091&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078593%2C44805113%2C44805919&oid=2&pvsid=1949286255135703&tmod=550876855&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=360
Frame ID: A46896BBE5ACF83EE81B180B9BCE0E34
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS1gQgALvqMKW-oFAAWwboR02eYnZPaMqjIbMA&u=%7C50zaGzyppugvc3YIopoPuL%2B2ZTDeN%2FnJKXZMpEDodN8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNtn_FM3sgCa8fcyY_0H3RVnZwF4SFGPIHdYA2Y9HdOnwkQfeZ-KfQvmkM81QvutXD_aXDllClAp5lSiOYTJPiMwVFheT7xHuqwC-0ShVIodbSAS1ooNuXpQETwo9_rILWTo1P7bAIP_yWE5ymThU_fcs95iaekQ_T2IiJW5X5zL9zSEItQtFVyjwBwe_1e-O-czjcIlQJzk5YmNorGZb3ZjUmpZsei3MUExOk2ONsQrw6gYDzngh6MIOOfTvDiGHhf2MUFK65W0WGUYTF7sW12galon8xxL6WdMnEhu3vge15kTNcCiyzIyoqNdbc1zpBsDkR5729P6gOIXkltLFLlIiB37xYdAvXLwPX--P3_VPlgNcmWbgaI5xVlhsvctsiwtjAV8Kk1TkkCnB_pU5JBJ_njiHzF7crE3J3XdjvlsB9KNbIx5bI16TGAmCPjtOnfZoX6P1DiOCTTPWDA4DIOkQVRuPUKASrSYXB3EbiZPni3YCCOXY08a3jWyLPj5oKpCVny6K6MGnoLqJfrYL3w6TO7VJPCqFbw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzomyQmAtZaP9LoXU7wLu4JZwyZ7SsVzVnZH3cMCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02MTU3NjkwNDM3NTk0NDI5yAEJqQJ0rdIaaLCxPqgDAcgDAqoEqgFP0KjRGCfPP6LlTO1SS5826NgAU_Ujo4vef0HlTdhDrwXIBMrM4R8LUPVYcF6MjAbsTdremZSdiFv4KLmld7RyPsgcAHraXJVKVY4X8DygXB_8Salt9MLFL1_xHRRWqcFZvjktEh9mXhlW3wltLbdk4C6rRYAB8bezrmxCY0uCyiDftUpATz6yt1frUuFDNy2Tena-nK7WituuJvlG-kIcaEuWab7WNnOn34AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32bnNyTOE1SZH-tCzcMrhoNwId5Q%26client%3Dca-pub-6157690437594429%26adurl%3D
Frame ID: 83D21E8BB3EB34078F90F5D7F4AAC462
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Return Of Shinobi

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

79
Requests

78 %
HTTPS

65 %
IPv6

32
Domains

41
Subdomains

34
IPs

4
Countries

4978 kB
Transfer

7124 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://rpgrating.com/

Search URL Search Domain Scan URL

URL: https://www.invisionboard.com/
Title: Invision Power Board

Search URL Search Domain Scan URL

URL: http://jcink.com/
Title: Jcink.com

Search URL Search Domain Scan URL

URL: https://jcink.com/
Title: Forum Hosting

Search URL Search Domain Scan URL

URL: https://www.invisionpower.com/
Title: IPS, Inc.

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://dl.dropbox.com/s/vpi3f9s7nhpe7v7/honeybee.css HTTP 307
https://dl.dropbox.com/s/vpi3f9s7nhpe7v7/honeybee.css HTTP 302
https://dl.dropboxusercontent.com/s/vpi3f9s7nhpe7v7/honeybee.css

Request Chain 17

https://sig.grumpybumpers.com/host/ROS100.gif HTTP 302
https://i.pinimg.com/736x/17/c7/63/17c7635a48b5e8743d1a122303a8c475.jpg

Request Chain 33

http://placehold.it/33x33 HTTP 301
https://www.placeholder.com/33x33 HTTP 301
http://via.placeholder.com/33x33

Request Chain 39

https://sig.grumpybumpers.com/host/Sasuke.gif HTTP 302
https://cdn.ebaumsworld.com/mediaFiles/picture/2365184/84434833.png

Request Chain 43

https://i.imgbox.com/v0FYMKBD.png HTTP 301
https://images3.imgbox.com/f6/c0/v0FYMKBD_o.png

Request Chain 44

https://i.imgbox.com/YeLNhrQ7.png HTTP 301
https://images3.imgbox.com/d3/cf/YeLNhrQ7_o.png

79 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
r0s.jcink.net/ 113 KB
19 KB 450ms
273ms Document
text/html 104.161.46.138
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Server: 104.161.46.138 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: s3.jcink.net
Software: nginx /
Resource Hash: fb9f4e9a2afa3eb9b9b4a031dabd468b581af1724f2a253085604a31613da1b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 18596
Content-Type: text/html; charset=UTF-8
Date: Mon, 16 Oct 2023 16:09:37 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
files.jcink.net/html/ 93 KB
33 KB 269ms
130ms Script
text/javascript 108.5.85.87
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: http://files.jcink.net/html/jquery-1.7.2.min.js
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Server: 108.5.85.87 Oradell, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-5-85-87.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:37 GMT
Content-Encoding: gzip
Last-Modified: Sun, 08 Jul 2012 10:03:46 GMT
Server: Apache
ETag: "5c8637-17278-4c44e9cf4d3af"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 33622

GET
H/1.1 200
OK jquery.cookie-1.3.1.js Show response
files.jcink.net/html/ 2 KB
1 KB 263ms
123ms Script
text/javascript 108.5.85.87
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: http://files.jcink.net/html/jquery.cookie-1.3.1.js
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Server: 108.5.85.87 Oradell, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-5-85-87.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 9a825167169a7545dbdfae7041c5554bb9fc666c4bb5898f5ebe4c4cf13bfff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Aug 2013 04:57:13 GMT
Server: Apache
ETag: "980411-902-4e4821f947500"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1067

GET
H/1.1 200
OK catcollapse.js Show response
files.jcink.net/html/ 3 KB
1 KB 266ms
126ms Script
text/javascript 108.5.85.87
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: http://files.jcink.net/html/catcollapse.js
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Server: 108.5.85.87 Oradell, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-5-85-87.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 9e44a522f42ea65ada2082d3abd4a61ad7b78ca2f732e3e8c7d4cb39a90d6eac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Jun 2013 15:44:45 GMT
Server: Apache
ETag: "5c6a9c-a54-4de55f5e091dc"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 851

GET
H/1.1 200
OK jquery.min.js Show response
code.jquery.com/ 94 KB
33 KB 71ms
28ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery.min.js
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:37 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 2670378
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 33226
X-Served-By: cache-lga13621-LGA, cache-fra-eddf8230082-FRA
Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
Server: nginx
X-Timer: S1697472577.490860,VS0,VE0
ETag: W/"28feccc0-1764d"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
Accept-Ranges: bytes
X-Cache-Hits: 15, 33254

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 196ms
58ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: r0s.jcink.net
URL: http://r0s.jcink.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 20:16:22 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/ 37 KB
11 KB 122ms
50ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js

Requested by

Host: r0s.jcink.net
URL: http://r0s.jcink.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 565, 617, 617
age: 8122870
cdn-cachedat: 2021-06-08 12:48:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e0b05ba095a9707b13cc8d7175621831
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8171913979ce3510-WAW
cdn-requestpullsuccess: True

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 115ms
43ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: r0s.jcink.net
URL: http://r0s.jcink.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e6d23e4a97f15652c1709f999062fcced9990b5090dde0d22b869247ea0869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:37 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 20364
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Sep 2023 10:29:33 GMT
server: cloudflare
etag: W/"c09-60618514a9dca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 8171913c2cf24d26-FRA

GET
H2 200 html-embed Show response
cdn.jsdelivr.net/npm/@widgetbot/ 9 KB
4 KB 121ms
44ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@widgetbot/html-embed

Requested by

Host: r0s.jcink.net
URL: http://r0s.jcink.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

446157a70a12930e3dc64a54a31cd710ce4a668fdc11a503545936b1e7ae2b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 31944
x-jsd-version: 1.3.0
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230068-FRA, cache-yyz4545-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"241c-Aqo8kkN2pysDNWv5mDhIShDx54A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXPpI7skC4YHXK4bk%2BdPknE7uVQR8JfK1GquSC5Pd1m3hgOp28ajnEx0Kl2fW7gCg26gopHfUA4IpepkhX0vSDvxLuX80%2F8ZPvGIoKDk94AbGpGsUnLMfwpCNHQZrAPoS%2FWVp4g%2BpSOS8sJMtIk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 817191398fe1bfc1-WAW

GET
H2

404

honeybee.css
dl.dropboxusercontent.com/s/vpi3f9s7nhpe7v7/
Redirect Chain

http://dl.dropbox.com/s/vpi3f9s7nhpe7v7/honeybee.css
https://dl.dropbox.com/s/vpi3f9s7nhpe7v7/honeybee.css
https://dl.dropboxusercontent.com/s/vpi3f9s7nhpe7v7/honeybee.css

0
0

343ms
330ms

Stylesheet
text/html

2620:100:6022:15::a27d:420f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.dropboxusercontent.com/s/vpi3f9s7nhpe7v7/honeybee.css
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: H2
Server: 2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Redirect headers

content-security-policy: sandbox
date: Mon, 16 Oct 2023 16:09:37 GMT
content-encoding: gzip
accept-encoding: identity,gzip
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-type: text/html; charset=utf-8
location: https://dl.dropboxusercontent.com/s/vpi3f9s7nhpe7v7/honeybee.css
x-dropbox-request-id: 01009ad8d1824fb38aa0918388542844
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
844 B 192ms
66ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Hind&display=swap

Requested by

Host: r0s.jcink.net
URL: http://r0s.jcink.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6d773161647b1943e21a07d661fe10986c506f4fd48f1e21b329a324f312a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Oct 2023 16:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 16:01:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Oct 2023 16:09:37 GMT

GET
H/1.1 200
OK spacer.gif
r0s.jcink.net/style_images/1/ 43 B
284 B 238ms
237ms Image
image/gif 104.161.46.138
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://r0s.jcink.net/style_images/1/spacer.gif
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Server: 104.161.46.138 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: s3.jcink.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:37 GMT
Last-Modified: Tue, 27 Jun 2006 00:33:28 GMT
Server: nginx
ETag: "5cc4f0-2b-41729d8f6e600"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK atb_help.gif
files.jcink.net/style_images/1/ 587 B
854 B 521ms
125ms Image
image/gif 108.5.85.87
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jcink.net/style_images/1/atb_help.gif
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.5.85.87 Oradell, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-5-85-87.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 973cdf4604622a582de5ec5fc459eb8fd459f4e956639014bd093fd252e088e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:37 GMT
Last-Modified: Fri, 21 Jul 2006 00:02:15 GMT
Server: Apache
ETag: "5cc494-24b-4190c35842fc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 587

GET
H/1.1 200
OK atb_search.gif
files.jcink.net/style_images/1/ 554 B
821 B 407ms
124ms Image
image/gif 108.5.85.87
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jcink.net/style_images/1/atb_search.gif
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.5.85.87 Oradell, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-5-85-87.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 8bd47115b403213277667f22168fa894598202ae08b473f6ee2bcb3b8128a810

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
Last-Modified: Fri, 21 Jul 2006 00:02:16 GMT
Server: Apache
ETag: "5cc499-22a-4190c35937200"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 554

GET
H/1.1 200
OK atb_members.gif
files.jcink.net/style_images/1/ 641 B
908 B 323ms
123ms Image
image/gif 108.5.85.87
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jcink.net/style_images/1/atb_members.gif
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.5.85.87 Oradell, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-5-85-87.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: caebd4676e90fb46d42cf3ee6af3d70df6c48f4b3d5838a82491ce2269fd3277

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
Last-Modified: Fri, 21 Jul 2006 00:02:15 GMT
Server: Apache
ETag: "5cc497-281-4190c35842fc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 641

GET
H/1.1 200
OK atb_calendar.gif
files.jcink.net/style_images/1/ 616 B
883 B 348ms
124ms Image
image/gif 108.5.85.87
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jcink.net/style_images/1/atb_calendar.gif
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.5.85.87 Oradell, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-5-85-87.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: d44c62654b3ede573d577c3718e1011bc54e0f8b5848aa9482eec5cbf19e1f9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
Last-Modified: Fri, 21 Jul 2006 00:02:15 GMT
Server: Apache
ETag: "5cc490-268-4190c35842fc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 616

GET
H/1.1 200
OK atb_shoutbox.gif
files.jcink.net/style_images/1/ 361 B
628 B 377ms
124ms Image
image/gif 108.5.85.87
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jcink.net/style_images/1/atb_shoutbox.gif
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.5.85.87 Oradell, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-5-85-87.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: cc3d482e79df6bbf7303b4a847461b429fc7ee463a7307684e62d7692f52c6b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
Last-Modified: Thu, 29 Jun 2006 23:57:09 GMT
Server: Apache
ETag: "5cc49a-169-41765b09c1f40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 361

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 23 KB
10 KB 226ms
98ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: r0s.jcink.net
URL: http://r0s.jcink.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1092934082f3c2723639d10413424bcd14918221aaf1526e2e7e8c1bc1ec96be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9555
x-xss-protection: 0
server: cafe
etag: 5721733227323630503
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:09:38 GMT

GET
H2

200

17c7635a48b5e8743d1a122303a8c475.jpg
i.pinimg.com/736x/17/c7/63/
Redirect Chain

https://sig.grumpybumpers.com/host/ROS100.gif
https://i.pinimg.com/736x/17/c7/63/17c7635a48b5e8743d1a122303a8c475.jpg

81 KB
81 KB

132ms
130ms

Image
image/jpeg

2a02:26f0:3500:18::1724:a297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/17/c7/63/17c7635a48b5e8743d1a122303a8c475.jpg
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: H2
Server: 2a02:26f0:3500:18::1724:a297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 34a13799a04b7736e8a7236655b90eed0cefa4f486e277bff9485a944b2ce0f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 69
x-cdn: akamai
akamai-grn: 0.97a02417.1697472578.862b44d
x-edgeconnect-midmile-rtt: 0
etag: "bee6e4f4cec6163a5e76c7852c733d35"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 82873

Redirect headers

Location: https://i.pinimg.com/736x/17/c7/63/17c7635a48b5e8743d1a122303a8c475.jpg
Date: Mon, 16 Oct 2023 16:09:38 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: close
Content-Length: 343
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 Land_of_Fire_Icon.png
vignette.wikia.nocookie.net/dakotti/images/f/f2/ 3 KB
4 KB 173ms
56ms Image
image/webp 74.120.188.204
FANDOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/dakotti/images/f/f2/Land_of_Fire_Icon.png
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.204 Frankfurt am Main, Germany, ASN22300 (FANDOM, US),
Reverse DNS
Software: envoy /
Resource Hash: db32c015e4a319f87bd16f8917095505a63a5e25825e26cac929d3d06a337b1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:31:30 GMT
nel: {"report_to":"nel","max_age":604800,"failure_fraction":0.01}
x-cacheable: YES
age: 7267087
x-cache: ORIGIN, HIT
x-envoy-upstream-service-time: 129
content-disposition: inline; filename="Land_of_Fire_Icon.webp"; filename*=UTF-8''Land_of_Fire_Icon.webp
content-length: 3304
x-served-by: thumblr-85d895d8f4-wlcwr, wk-cdn-f5
surrogate-key: 838752b506d75784cc3672cfd650e86eace1d2b5 wiki-dakotti thumblr original v:8b67f4f
x-thumbnailer: Thumblr
server: envoy
etag: "CJ6W/I+i/v8CEAE="
vary: Accept
report-to: {"group":"nel","endpoints":[{"url":"https://services.fandom.com/browser-errors/report"}],"max_age":604800,"include_subdomains":true}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Range
x-cache-hits: ORIGIN, 13

GET
H2 200 Land_of_Wind_Icon.png
vignette.wikia.nocookie.net/dakotti/images/1/1c/ 4 KB
5 KB 164ms
48ms Image
image/webp 74.120.188.204
FANDOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/dakotti/images/1/1c/Land_of_Wind_Icon.png
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.204 Frankfurt am Main, Germany, ASN22300 (FANDOM, US),
Reverse DNS
Software: envoy /
Resource Hash: 6a7dc9273ec915b17d657b89718901497c75921f6bbc6d677c76bc2a5c92b482

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:31:30 GMT
nel: {"report_to":"nel","max_age":604800,"failure_fraction":0.01}
x-cacheable: YES
age: 7267087
x-cache: ORIGIN, HIT
x-envoy-upstream-service-time: 128
content-disposition: inline; filename="Land_of_Wind_Icon.webp"; filename*=UTF-8''Land_of_Wind_Icon.webp
content-length: 4032
x-served-by: thumblr-85d895d8f4-pppzj, wk-cdn-f1
surrogate-key: 1395e5e37ef002086ea38218151caafb229a3aae wiki-dakotti thumblr original v:8b67f4f
x-thumbnailer: Thumblr
server: envoy
etag: "CPSxx/qKloADEAE="
vary: Accept
report-to: {"group":"nel","endpoints":[{"url":"https://services.fandom.com/browser-errors/report"}],"max_age":604800,"include_subdomains":true}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Range
x-cache-hits: ORIGIN, 13

GET
H2 200 Land_of_Water_Icon.png
vignette.wikia.nocookie.net/dakotti/images/6/68/ 4 KB
5 KB 103ms
84ms Image
image/webp 74.120.188.204
FANDOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/dakotti/images/6/68/Land_of_Water_Icon.png
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.204 Frankfurt am Main, Germany, ASN22300 (FANDOM, US),
Reverse DNS
Software: envoy /
Resource Hash: 53a3fdf6a76bebd0603a9070dc2aa026401c7bb183d8186f6e2fcceac35114cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:31:30 GMT
nel: {"report_to":"nel","max_age":604800,"failure_fraction":0.01}
x-cacheable: YES
age: 7267087
x-cache: ORIGIN, HIT
x-envoy-upstream-service-time: 87
content-disposition: inline; filename="Land_of_Water_Icon.webp"; filename*=UTF-8''Land_of_Water_Icon.webp
content-length: 4124
x-served-by: thumblr-85d895d8f4-mc9tw, wk-cdn-f5
surrogate-key: 29ad4051ee32cfd9dc940d74800e412f6ac39896 wiki-dakotti thumblr original v:8b67f4f
x-thumbnailer: Thumblr
server: envoy
etag: "CNWh+4+i/v8CEAE="
vary: Accept
report-to: {"group":"nel","endpoints":[{"url":"https://services.fandom.com/browser-errors/report"}],"max_age":604800,"include_subdomains":true}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Range
x-cache-hits: ORIGIN, 13

GET
H2 200 Land_of_Lightning_Icon.png
vignette.wikia.nocookie.net/dakotti/images/6/6b/ 5 KB
6 KB 52ms
50ms Image
image/webp 74.120.188.204
FANDOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/dakotti/images/6/6b/Land_of_Lightning_Icon.png
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.204 Frankfurt am Main, Germany, ASN22300 (FANDOM, US),
Reverse DNS
Software: envoy /
Resource Hash: 8f520b33a8cce3f8f5f1634fd852d3365890c5f39a9be7548c3f0879f0e72ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:31:30 GMT
nel: {"report_to":"nel","max_age":604800,"failure_fraction":0.01}
x-cacheable: YES
age: 7267087
x-cache: ORIGIN, HIT
x-envoy-upstream-service-time: 235
content-disposition: inline; filename="Land_of_Lightning_Icon.webp"; filename*=UTF-8''Land_of_Lightning_Icon.webp
content-length: 4858
x-served-by: thumblr-85d895d8f4-54tg5, wk-cdn-f1
surrogate-key: b8942c2e980d32b9a53ab2a2d2b8d302540008a2 wiki-dakotti thumblr original v:8b67f4f
x-thumbnailer: Thumblr
server: envoy
etag: "CIWBxvqKloADEAE="
vary: Accept
report-to: {"group":"nel","endpoints":[{"url":"https://services.fandom.com/browser-errors/report"}],"max_age":604800,"include_subdomains":true}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Range
x-cache-hits: ORIGIN, 13

GET
H2 200 Land_of_Earth_Icon.png
vignette.wikia.nocookie.net/dakotti/images/c/c1/ 3 KB
4 KB 46ms
45ms Image
image/webp 74.120.188.204
FANDOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/dakotti/images/c/c1/Land_of_Earth_Icon.png
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.204 Frankfurt am Main, Germany, ASN22300 (FANDOM, US),
Reverse DNS
Software: envoy /
Resource Hash: 79b438afa851ba7373f6b11d13d45ed8a96eff0366f97205c312eba0850c105e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:31:30 GMT
nel: {"report_to":"nel","max_age":604800,"failure_fraction":0.01}
x-cacheable: YES
age: 7267087
x-cache: ORIGIN, HIT
x-envoy-upstream-service-time: 165
content-disposition: inline; filename="Land_of_Earth_Icon.webp"; filename*=UTF-8''Land_of_Earth_Icon.webp
content-length: 3182
x-served-by: thumblr-85d895d8f4-c8jf2, wk-cdn-f1
surrogate-key: 1cbdad95a2f67e120a96d50de10cb5203e86be0e wiki-dakotti thumblr original v:8b67f4f
x-thumbnailer: Thumblr
server: envoy
etag: "CNbW+4+i/v8CEAE="
vary: Accept
report-to: {"group":"nel","endpoints":[{"url":"https://services.fandom.com/browser-errors/report"}],"max_age":604800,"include_subdomains":true}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Range
x-cache-hits: ORIGIN, 13

GET Japanese_Imperial_Seal.svg
enacademic.com/pictures/enwiki/74/ 0
0

GET
H/1.1 200
OK hokage.jpg
agreeordie.com/wp-content/uploads/2014/08/ 122 KB
57 KB 475ms
139ms Image
image/jpeg 75.98.175.98
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://agreeordie.com/wp-content/uploads/2014/08/hokage.jpg

Requested by

Host: r0s.jcink.net
URL: http://r0s.jcink.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

75.98.175.98 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss113.a2hosting.com

Software

Apache /

Resource Hash

9357cbe2bd1d74e12bd19151d730465b4dc30ea86d202e4d1b61dd99c737b0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Aug 2014 22:40:37 GMT
Server: Apache
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500

GET
H/1.1 200
OK kazekage.jpg
agreeordie.com/wp-content/uploads/2014/08/ 134 KB
73 KB 467ms
138ms Image
image/jpeg 75.98.175.98
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://agreeordie.com/wp-content/uploads/2014/08/kazekage.jpg

Requested by

Host: r0s.jcink.net
URL: http://r0s.jcink.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

75.98.175.98 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss113.a2hosting.com

Software

Apache /

Resource Hash

2f7562c8d0dff59f38176a49521e169a7a4d0d6c021e14e20823a645506999c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Aug 2014 22:40:43 GMT
Server: Apache
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500

GET
H/1.1 200
OK mizukage.jpg
agreeordie.com/wp-content/uploads/2014/08/ 120 KB
58 KB 441ms
139ms Image
image/jpeg 75.98.175.98
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://agreeordie.com/wp-content/uploads/2014/08/mizukage.jpg

Requested by

Host: r0s.jcink.net
URL: http://r0s.jcink.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

75.98.175.98 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss113.a2hosting.com

Software

Apache /

Resource Hash

7f7be5da3d986314b6722d54bd878c054f4698a20d8b6950030e7d0772896fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Aug 2014 22:40:48 GMT
Server: Apache
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500

GET
H/1.1 200
OK raikage.jpg
agreeordie.com/wp-content/uploads/2014/08/ 129 KB
36 KB 421ms
140ms Image
image/jpeg 75.98.175.98
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://agreeordie.com/wp-content/uploads/2014/08/raikage.jpg

Requested by

Host: r0s.jcink.net
URL: http://r0s.jcink.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

75.98.175.98 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss113.a2hosting.com

Software

Apache /

Resource Hash

86aef0239de251debd54d3177287f09afd13cad1ab477b5e99625cde328e5a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Aug 2014 22:40:52 GMT
Server: Apache
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500

GET
H2 200 3a43852187624ea62e6cbe15f2401895.jpg
i.pinimg.com/originals/3a/43/85/ 38 KB
38 KB 469ms
305ms Image
image/jpeg 2a02:26f0:3500:18::1724:a297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/3a/43/85/3a43852187624ea62e6cbe15f2401895.jpg
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cb3d7faf374ffbc2a00d9de0ae9322e0347d4cd65837b714ff072fdd8cde7442

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.97a02417.1697472578.862a8be
etag: "ae6207a23a0d528a405ffc281f1dae93"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 38611

GET
H2 200 japanese_family_crest_kamon_symbol_classic_round_sticker-r46eabfcea65b4668b6790d80cb5b61aa_0ugmp_8byvr_540.jpg
rlv.zcache.com/ 54 KB
54 KB 268ms
183ms Image
image/jpeg 151.101.64.241
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rlv.zcache.com/japanese_family_crest_kamon_symbol_classic_round_sticker-r46eabfcea65b4668b6790d80cb5b61aa_0ugmp_8byvr_540.jpg

Requested by

Host: r0s.jcink.net
URL: http://r0s.jcink.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.241 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

254ee8a084947b96025a3c58631867761ae449eb084b0436d9f4aefa5b877ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
age: 525612
x-cache: HIT, MISS
x-image-height: 540
content-length: 55098
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10035-SJC, cache-fra-eddf8230133-FRA
x-image-width: 540
last-modified: Tue, 10 Oct 2023 14:09:25 GMT
x-timer: S1697472578.245116,VS0,VE155
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=3974400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 14:09:26 GMT

GET
H2 200 genjutsu.gif
media.tenor.com/4NsU25VMk9IAAAAC/ 2 MB
2 MB 396ms
221ms Image
image/gif 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.tenor.com/4NsU25VMk9IAAAAC/genjutsu.gif

Requested by

Host: r0s.jcink.net
URL: http://r0s.jcink.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24252d6686ba0db029b12c62f77cf38f51f72d9b55ae884f7b2098a17413162a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1607436
x-xss-protection: 0
last-modified: Sun, 07 Feb 2021 14:27:47 GMT
server: sffe
report-to: {"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="media-tenor-team"
expires: Tue, 17 Oct 2023 16:09:38 GMT

GET
H2 200 /
steamuserimages-a.akamaihd.net/ugc/936060405260242599/C1A0DA778189FF29FEC67613FFF28CCBF74580DB/ 928 KB
930 KB 766ms
659ms Image
image/gif 2a02:26f0:1700:d::1737:6eab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamuserimages-a.akamaihd.net/ugc/936060405260242599/C1A0DA778189FF29FEC67613FFF28CCBF74580DB/?imw=5000&imh=5000&ima=fit&impolicy=Letterbox&imcolor=%23000000&letterbox=false
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6eab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: bc0ff83a62461c778338ec2553f83ed8fc85468939cf23d533e1dca955d2a9d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
last-modified: Wed, 09 Aug 2023 11:15:45 GMT
server: Akamai Image Manager
x-serial: 464
x-check-cacheable: YES
etag: "0x8D592986FA99D49"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=604788
content-length: 950705
expires: Mon, 23 Oct 2023 16:09:26 GMT

GET
H2 200 tumblr_mb4ml8IDaL1qeqhx5o1_500.gif
64.media.tumblr.com/ 802 KB
804 KB 104ms
35ms Image
image/gif 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/tumblr_mb4ml8IDaL1qeqhx5o1_500.gif

Requested by

Host: r0s.jcink.net
URL: http://r0s.jcink.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4aae1897e3106cb0205c506c7f6e002893e8669aeaac86b5cea1ac66f25888cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
strict-transport-security: max-age=31536000; preload
content-disposition: inline; filename="tumblr_mb4ml8IDaL1qeqhx5o1_500.gif"
server-timing: dc;desc=hhn, cache;desc=MISS;dur=8.0
content-length: 821521
x-nc: MISS hhn 2
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "6007d5b7b75de5b7fee6e8967deed99d-1523937600-2091c33"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1

200
OK

33x33
via.placeholder.com/
Redirect Chain

http://placehold.it/33x33
https://www.placeholder.com/33x33
http://via.placeholder.com/33x33

345 B
550 B

270ms
136ms

Image
image/png

54.235.245.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://via.placeholder.com/33x33
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Server: 54.235.245.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-245-12.compute-1.amazonaws.com
Software: Werkzeug/2.2.2 Python/3.9.16 /
Resource Hash: 3098f0c20f3249f6ef2d31671b4b8afe47d3da930d5630436cd47d758c88c227

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
Cache-Control: public, max-age=31557600
Server: Werkzeug/2.2.2 Python/3.9.16
Connection: keep-alive
Content-Length: 345
Content-Type: image/png

Redirect headers

date: Mon, 16 Oct 2023 16:09:38 GMT
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: FunctionGeneratedResponse from cloudfront
location: http://via.placeholder.com/33x33
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: 5tvfMGNQvxgcbuEYZ1CnpQewXhP04LNMLHmzvomlpqtQl5A3kRpemw==

GET
H/1.1 200
OK 323.png
rpgrating.com/ratings/ 3 KB
4 KB 417ms
348ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rpgrating.com/ratings/323.png
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2070f3dbf7eeb6c2530aac9708c0d84a6ff08772330f33482aab3be2cd57080

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 03 Nov 2022 02:15:44 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "6da149e-c06-5ec8788e0b962"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skkIbYxveujYgP0BQruzfCzkYngs%2Fu%2BVJI38%2FFUyVZs4c4LNwWkTfBjIbhUvXhzW2loenmKwAuua4%2FdhvQRFtCbyOdb%2FuAeGvOrd0lFQvR4ro6CZkd8GSIjR64hA0WX7HSY67PULaP0TJ8YQ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8171913de9e491fc-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 3078

GET
H/1.1 200
OK cat-collapse.png
files.jcink.net/themes/default/ 1 KB
1 KB 126ms
125ms Image
image/png 108.5.85.87
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jcink.net/themes/default/cat-collapse.png
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.5.85.87 Oradell, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-5-85-87.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 8100261b0d8216cb30c22a7117ac261a68fba9b6d65d9e5d163508cbde8df678

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
Last-Modified: Mon, 01 Oct 2012 21:17:06 GMT
Server: Apache
ETag: "7c1835-4c0-4cb05ed831582"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1216

GET
H/1.1 200
OK white-cube-large.png
files.jcink.net/themes/default/ 1 KB
2 KB 125ms
125ms Image
image/png 108.5.85.87
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jcink.net/themes/default/white-cube-large.png
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.5.85.87 Oradell, United States, ASN701 (UUNET, US),
Reverse DNS: pool-108-5-85-87.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 31b38a181392d71b1c50db704aa1b2705c7f8487112168ff4722f110dc47f1a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
Last-Modified: Mon, 01 Oct 2012 21:17:07 GMT
Server: Apache
ETag: "7c1f01-5a9-4cb05ed8572b6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1449

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 6CC3 677 B
564 B 54ms
52ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://r0s.jcink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1256005
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8171913c7d5f4d26-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 16 Oct 2023 16:09:38 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H3 200 core.f4498a6a.js Show response
static.addtoany.com/menu/modules/ 70 KB
25 KB 186ms
148ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.f4498a6a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3c20825909bb222fd8ec5db0a985fb397c20a97d8362858ccfffb576e13a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://r0s.jcink.net/
Origin: http://r0s.jcink.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
via: e8s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sun, 24 Sep 2023 10:29:31 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"11650-606185138cb5e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 8171913cbed35d41-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

84434833.png
cdn.ebaumsworld.com/mediaFiles/picture/2365184/
Redirect Chain

https://sig.grumpybumpers.com/host/Sasuke.gif
https://cdn.ebaumsworld.com/mediaFiles/picture/2365184/84434833.png

637 KB
638 KB

466ms
328ms

Image
image/png

178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ebaumsworld.com/mediaFiles/picture/2365184/84434833.png
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: H2
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 34bf87c3870fd39d0ae308440e8d75d21ae6f74e9d4a97214db87a1e49daac64

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
last-modified: Tue, 29 Nov 2022 00:39:44 GMT
server: AmazonS3
x-amz-request-id: 9A2TB8TJEM11HB64
age: 1577102
content-type: image/png
content-length: 652534
x-amz-id-2: /F8NDT7wEUhwpSqGVpwVh/C95QeAdpn3/8NQ//+Ub6btg1uhFMNStOVmXC3fERDDGWnRP4G+tCE=
x-llid: 3f7409c74fe5c05353fc4dd4ca8339c8
x-amz-meta-mtime: 1669682277.199316391

Redirect headers

Location: https://cdn.ebaumsworld.com/mediaFiles/picture/2365184/84434833.png
Date: Mon, 16 Oct 2023 16:09:38 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: close
Content-Length: 339
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK magnifying-glass.png
files.b1.jcink.com/themes/default/ 1001 B
1 KB 430ms
238ms Image
image/png 104.161.46.138
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://files.b1.jcink.com/themes/default/magnifying-glass.png
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Server: 104.161.46.138 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: s3.jcink.net
Software: nginx /
Resource Hash: 08ff720283f3abc76864cf0fa40a1bec3f14d7aa3a1265958ac3a8d22df4550d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
Last-Modified: Mon, 01 Oct 2012 21:17:06 GMT
Server: nginx
ETag: "7c1839-3e9-4cb05ed83d0ec"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 119ms
118ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

303e8013dab6b91259fbfc4f420ba62a730208c5c9b562a265a690aaccc7b9de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51268
x-xss-protection: 0
server: cafe
etag: 12845893458587681456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:09:38 GMT

GET
H/1.1 200
OK sb_iframe.php Show response
r0s.jcink.net/ Frame 1302 31 KB
7 KB 245ms
245ms Document
text/html 104.161.46.138
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: http://r0s.jcink.net/sb_iframe.php?step=D2
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Server: 104.161.46.138 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: s3.jcink.net
Software: nginx /
Resource Hash: e79fa2ca5cfdeba3c69625ae433025fff95db569d007f04784919048944999d3

Request headers

Referer: http://r0s.jcink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 7202
Content-Type: text/html; charset=UTF-8
Date: Mon, 16 Oct 2023 16:09:38 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1

200
OK

v0FYMKBD_o.png
images3.imgbox.com/f6/c0/
Redirect Chain

https://i.imgbox.com/v0FYMKBD.png
https://images3.imgbox.com/f6/c0/v0FYMKBD_o.png

8 KB
9 KB

201ms
113ms

Image
image/png

212.63.223.225
SPACEDUMP-AS This...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images3.imgbox.com/f6/c0/v0FYMKBD_o.png
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Server: 212.63.223.225 , Sweden, ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: cd973c2b1ef865b051fc1845de9ae66cbb072a601e4bda7157f3a986b1fea0df

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
last-modified: Sat, 02 Dec 2017 13:29:47 GMT
Server: nginx/1.14.2
etag: "20d1-55f5b7a9c3bf1"
X-Cache: MISS
Content-Type: image/png
cache-control: max-age=10660396
X-Whom: srv1535
accept-ranges: bytes
Content-Length: 8401
expires: Sat, 17 Feb 2024 01:22:54 GMT

Redirect headers

Location: https://images3.imgbox.com/f6/c0/v0FYMKBD_o.png
Date: Mon, 16 Oct 2023 16:09:38 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.1.12
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

YeLNhrQ7_o.png
images3.imgbox.com/d3/cf/
Redirect Chain

https://i.imgbox.com/YeLNhrQ7.png
https://images3.imgbox.com/d3/cf/YeLNhrQ7_o.png

835 KB
0

902ms
812ms

Image
image/png

212.63.223.225
SPACEDUMP-AS This...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images3.imgbox.com/d3/cf/YeLNhrQ7_o.png
Requested by: Host: r0s.jcink.net
URL: http://r0s.jcink.net/
Protocol: HTTP/1.1
Server: 212.63.223.225 , Sweden, ASN30880 (SPACEDUMP-AS This ASN is located on STHIX at Tulegatan Stokab, SE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 16:09:38 GMT
last-modified: Fri, 24 Nov 2017 22:47:56 GMT
Server: nginx/1.14.2
etag: "1bc818-55ec257fe1c1a"
X-Cache: MISS
Content-Type: image/png
cache-control: max-age=10660396
X-Whom: srv1535
accept-ranges: bytes
Content-Length: 1820696
expires: Sat, 17 Feb 2024 01:22:54 GMT

Redirect headers

Location: https://images3.imgbox.com/d3/cf/YeLNhrQ7_o.png
Date: Mon, 16 Oct 2023 16:09:38 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.1.12
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET 745056077057622189
disweb.dashflo.net/channels/745056077057622189/ Frame 8F18 0
0

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 430 B
546 B 433ms
433ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Origin: http://r0s.jcink.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sun, 24 Sep 2023 05:48:41 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"1ae-6061464d8caf6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 8171913dd8155d41-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 695 B
657 B 144ms
144ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Origin: http://r0s.jcink.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
via: e9s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"2b7-5edb43f86f378"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 8171913dd8175d41-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 myspace.js Show response
static.addtoany.com/menu/svg/icons/ 714 B
614 B 161ms
160ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/myspace.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deea9a8525578cd79c3c059e180c5e30f7b1e105b11a3f97c631a78d0a5565b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Origin: http://r0s.jcink.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
via: e8s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 09 Aug 2023 10:18:01 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"2ca-6027acb5a097d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 8171913dd8185d41-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 pinterest.js Show response
static.addtoany.com/menu/svg/icons/ 803 B
707 B 149ms
148ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/pinterest.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eee4cfa769b7416160f34ecbc48ddc2086388350baab9d29d30ea3f165b6fbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Origin: http://r0s.jcink.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 01:01:38 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"323-5edb43f7a8f98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 8171913dd81a5d41-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 reddit.js Show response
static.addtoany.com/menu/svg/icons/ 929 B
715 B 150ms
150ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/reddit.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ea98df371c043e34589b849544118a55801022a4898cb4809c63af0cade307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Origin: http://r0s.jcink.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 01:01:38 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"3a1-5edb43f7d1fd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 8171913dd81b5d41-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tumblr.js Show response
static.addtoany.com/menu/svg/icons/ 475 B
575 B 151ms
150ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/tumblr.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2c78eb1aabd291d8cb0afda195613638f562de6a2222def20fc503f1a76a23c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Origin: http://r0s.jcink.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
via: e9s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sun, 24 Sep 2023 05:48:40 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"1db-6061464d02fe0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 8171913dd81d5d41-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 393 KB
133 KB 134ms
134ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=pub-6157690437594429&plah=r0s.jcink.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4acd106fcba6bc8e6266984a30cb1b9798a0ae77c3f767cabd8a7ffdd356fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136618
x-xss-protection: 0
server: cafe
etag: 7841648271695999258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:09:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 9336 10 KB
5 KB 175ms
57ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://r0s.jcink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 12:56:15 GMT
etag: 2603938475786422795
expires: Mon, 30 Oct 2023 12:56:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 223ms
68ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=r0s.jcink.net&callback=_gfp_s_&client=ca-pub-6157690437594429

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=pub-6157690437594429&plah=r0s.jcink.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ef2791030e9c2cc9579836c585061a8bd7e54eaa6dbb03d4f39b2c2d1dadb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r0s.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BCA3 35 KB
14 KB 477ms
476ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=2583790460&adf=592325212&w=468&lmt=1697465378&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=http%3A%2F%2Fr0s.jcink.net%2F&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&dt=1697472578098&bpp=218&bdt=845&idt=527&shv=r20231011&mjsv=m202310100101&ptt=5&saldr=sd&abxe=1&correlator=4314921655485&frm=20&pv=2&ga_vid=1846418421.1697472579&ga_sid=1697472579&ga_hid=543588091&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078593%2C44805113%2C44805919%2C31078773&oid=2&pvsid=1949286255135703&tmod=550876855&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HWu43xpuj8&p=http%3A//r0s.jcink.net&dtd=557

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07068c82b72abcd0d11e6d58cfb647592708faa916afe33400f2e7e945adadf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://r0s.jcink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14344
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 16:09:39 GMT
expires: Mon, 16 Oct 2023 16:09:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A468 0
171 B 85ms
84ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&adk=1812271804&adf=3025194257&lmt=1697465378&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&channel=7887076200&format=0x0&url=http%3A%2F%2Fr0s.jcink.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&ascmds=1&dt=1697472578341&bpp=2&bdt=1088&idt=328&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60_as&nras=1&correlator=4314921655485&pv_ch=7887076200%2B&frm=20&pv=1&ga_vid=1846418421.1697472579&ga_sid=1697472579&ga_hid=543588091&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078593%2C44805113%2C44805919&oid=2&pvsid=1949286255135703&tmod=550876855&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=360

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://r0s.jcink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 16:09:38 GMT
expires: Mon, 16 Oct 2023 16:09:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BCA3 3 KB
1 KB 198ms
64ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=2583790460&adf=592325212&w=468&lmt=1697465378&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=http%3A%2F%2Fr0s.jcink.net%2F&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&dt=1697472578098&bpp=218&bdt=845&idt=527&shv=r20231011&mjsv=m202310100101&ptt=5&saldr=sd&abxe=1&correlator=4314921655485&frm=20&pv=2&ga_vid=1846418421.1697472579&ga_sid=1697472579&ga_hid=543588091&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078593%2C44805113%2C44805919%2C31078773&oid=2&pvsid=1949286255135703&tmod=550876855&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HWu43xpuj8&p=http%3A//r0s.jcink.net&dtd=557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BCA3 20 KB
9 KB 191ms
58ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 13:33:40 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 83D2 181 KB
57 KB 182ms
113ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS1gQgALvqMKW-oFAAWwboR02eYnZPaMqjIbMA&u=%7C50zaGzyppugvc3YIopoPuL%2B2ZTDeN%2FnJKXZMpEDodN8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNtn_FM3sgCa8fcyY_0H3RVnZwF4SFGPIHdYA2Y9HdOnwkQfeZ-KfQvmkM81QvutXD_aXDllClAp5lSiOYTJPiMwVFheT7xHuqwC-0ShVIodbSAS1ooNuXpQETwo9_rILWTo1P7bAIP_yWE5ymThU_fcs95iaekQ_T2IiJW5X5zL9zSEItQtFVyjwBwe_1e-O-czjcIlQJzk5YmNorGZb3ZjUmpZsei3MUExOk2ONsQrw6gYDzngh6MIOOfTvDiGHhf2MUFK65W0WGUYTF7sW12galon8xxL6WdMnEhu3vge15kTNcCiyzIyoqNdbc1zpBsDkR5729P6gOIXkltLFLlIiB37xYdAvXLwPX--P3_VPlgNcmWbgaI5xVlhsvctsiwtjAV8Kk1TkkCnB_pU5JBJ_njiHzF7crE3J3XdjvlsB9KNbIx5bI16TGAmCPjtOnfZoX6P1DiOCTTPWDA4DIOkQVRuPUKASrSYXB3EbiZPni3YCCOXY08a3jWyLPj5oKpCVny6K6MGnoLqJfrYL3w6TO7VJPCqFbw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzomyQmAtZaP9LoXU7wLu4JZwyZ7SsVzVnZH3cMCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02MTU3NjkwNDM3NTk0NDI5yAEJqQJ0rdIaaLCxPqgDAcgDAqoEqgFP0KjRGCfPP6LlTO1SS5826NgAU_Ujo4vef0HlTdhDrwXIBMrM4R8LUPVYcF6MjAbsTdremZSdiFv4KLmld7RyPsgcAHraXJVKVY4X8DygXB_8Salt9MLFL1_xHRRWqcFZvjktEh9mXhlW3wltLbdk4C6rRYAB8bezrmxCY0uCyiDftUpATz6yt1frUuFDNy2Tena-nK7WituuJvlG-kIcaEuWab7WNnOn34AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32bnNyTOE1SZH-tCzcMrhoNwId5Q%26client%3Dca-pub-6157690437594429%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

db7aeb33f9e6a889c4171a062e20490ed6055372174918fae7a2c29bbf37242d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 16:09:39 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=p5dF7PTOR5dww1RHWz-WXqqHuNrKUs_0FsxcZdpmdsWiJGV6LrL3CCi6syXDwIyztB-R0IyWjNROf3T61E0Und-MkgDHiIC1cLcRDzCqdkEJgj6bsgqhbMvVMlMTlE6u2yBY8HvG0aEVhc4we5G2LY3SqoZh6VpYQWhn-MFY7-kMy3ndoU1ZXlDoX9FTYgEn17Di5K0VucVe5bh3_Dl0GJd7VeLh4vIAIT3iQAPH3EA3RdjJz29SfM3ep0QGBnxHKjlIBQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 68613667
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCA3 187 KB
59 KB 218ms
93ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:09:39 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 83D2 2 KB
1 KB 106ms
32ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS1gQgALvqMKW-oFAAWwboR02eYnZPaMqjIbMA&u=%7C50zaGzyppugvc3YIopoPuL%2B2ZTDeN%2FnJKXZMpEDodN8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNtn_FM3sgCa8fcyY_0H3RVnZwF4SFGPIHdYA2Y9HdOnwkQfeZ-KfQvmkM81QvutXD_aXDllClAp5lSiOYTJPiMwVFheT7xHuqwC-0ShVIodbSAS1ooNuXpQETwo9_rILWTo1P7bAIP_yWE5ymThU_fcs95iaekQ_T2IiJW5X5zL9zSEItQtFVyjwBwe_1e-O-czjcIlQJzk5YmNorGZb3ZjUmpZsei3MUExOk2ONsQrw6gYDzngh6MIOOfTvDiGHhf2MUFK65W0WGUYTF7sW12galon8xxL6WdMnEhu3vge15kTNcCiyzIyoqNdbc1zpBsDkR5729P6gOIXkltLFLlIiB37xYdAvXLwPX--P3_VPlgNcmWbgaI5xVlhsvctsiwtjAV8Kk1TkkCnB_pU5JBJ_njiHzF7crE3J3XdjvlsB9KNbIx5bI16TGAmCPjtOnfZoX6P1DiOCTTPWDA4DIOkQVRuPUKASrSYXB3EbiZPni3YCCOXY08a3jWyLPj5oKpCVny6K6MGnoLqJfrYL3w6TO7VJPCqFbw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzomyQmAtZaP9LoXU7wLu4JZwyZ7SsVzVnZH3cMCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02MTU3NjkwNDM3NTk0NDI5yAEJqQJ0rdIaaLCxPqgDAcgDAqoEqgFP0KjRGCfPP6LlTO1SS5826NgAU_Ujo4vef0HlTdhDrwXIBMrM4R8LUPVYcF6MjAbsTdremZSdiFv4KLmld7RyPsgcAHraXJVKVY4X8DygXB_8Salt9MLFL1_xHRRWqcFZvjktEh9mXhlW3wltLbdk4C6rRYAB8bezrmxCY0uCyiDftUpATz6yt1frUuFDNy2Tena-nK7WituuJvlG-kIcaEuWab7WNnOn34AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32bnNyTOE1SZH-tCzcMrhoNwId5Q%26client%3Dca-pub-6157690437594429%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 16:09:39 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 83D2 2 KB
1 KB 108ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 16:09:39 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 83D2 308 B
636 B 102ms
32ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 10 Oct 2024 16:09:39 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 83D2 293 B
621 B 102ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 10 Oct 2024 16:09:39 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 83D2 43 B
348 B 113ms
32ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=WCZKlNzvhxOR-XLItRIc-PI4Yf5LAabRFBHJGm5kd5a4IfYFiYveD4nVnXvKeeQitiB_22uT1Z9g5KmKtg_NLpNd_JJdSpNymxUvyIWfNKbmhXoTUs1PXL6UXV0ZPRqmJiaDJ1CZim4v8cIGloyAs6w1UAn7PogpY_mmHD66Hbq6NyGvu0JfjHqod5Mnp904YAxe-JoNeeNOpH7jz6LALqXAK5SyU8rgIn9VGzxE50bSxxlwreJ0KLkycbdsDlt8ryncs-ikPNRRBuAIxne_iZ6aCwZQLyWjAinsoDewcHBxMhqtYDJa4XMWWQucg1GGiWMYgdG08ow7Q9bg0IYgruuGHMa2WFbUhmFlYFpkGH0eYH6uk_RioKI1wzRUXvicp3DtNBc_ii21giSK1-jFbm05ZObehq4PcQUkqb_Nv6g8La1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 16:09:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1617617
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 83D2 44 B
582 B 171ms
63ms Image
image/gif 2600:9000:223c:e800:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1697472578
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS1gQgALvqMKW-oFAAWwboR02eYnZPaMqjIbMA&u=%7C50zaGzyppugvc3YIopoPuL%2B2ZTDeN%2FnJKXZMpEDodN8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNtn_FM3sgCa8fcyY_0H3RVnZwF4SFGPIHdYA2Y9HdOnwkQfeZ-KfQvmkM81QvutXD_aXDllClAp5lSiOYTJPiMwVFheT7xHuqwC-0ShVIodbSAS1ooNuXpQETwo9_rILWTo1P7bAIP_yWE5ymThU_fcs95iaekQ_T2IiJW5X5zL9zSEItQtFVyjwBwe_1e-O-czjcIlQJzk5YmNorGZb3ZjUmpZsei3MUExOk2ONsQrw6gYDzngh6MIOOfTvDiGHhf2MUFK65W0WGUYTF7sW12galon8xxL6WdMnEhu3vge15kTNcCiyzIyoqNdbc1zpBsDkR5729P6gOIXkltLFLlIiB37xYdAvXLwPX--P3_VPlgNcmWbgaI5xVlhsvctsiwtjAV8Kk1TkkCnB_pU5JBJ_njiHzF7crE3J3XdjvlsB9KNbIx5bI16TGAmCPjtOnfZoX6P1DiOCTTPWDA4DIOkQVRuPUKASrSYXB3EbiZPni3YCCOXY08a3jWyLPj5oKpCVny6K6MGnoLqJfrYL3w6TO7VJPCqFbw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzomyQmAtZaP9LoXU7wLu4JZwyZ7SsVzVnZH3cMCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02MTU3NjkwNDM3NTk0NDI5yAEJqQJ0rdIaaLCxPqgDAcgDAqoEqgFP0KjRGCfPP6LlTO1SS5826NgAU_Ujo4vef0HlTdhDrwXIBMrM4R8LUPVYcF6MjAbsTdremZSdiFv4KLmld7RyPsgcAHraXJVKVY4X8DygXB_8Salt9MLFL1_xHRRWqcFZvjktEh9mXhlW3wltLbdk4C6rRYAB8bezrmxCY0uCyiDftUpATz6yt1frUuFDNy2Tena-nK7WituuJvlG-kIcaEuWab7WNnOn34AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32bnNyTOE1SZH-tCzcMrhoNwId5Q%26client%3Dca-pub-6157690437594429%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:39 GMT
via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: Ajb_Pzymut3ZLPS5-fHvDw-lkX-JBWKWnDOmIOOfVbih-wUpA95rzQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame BCA3 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 607f6bea3df8a10f363c32c9fabc71b7b1c5b868588b530192490f1b30c60298

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
static.criteo.net/design/dt/ Frame 83D2 57 KB
57 KB 129ms
62ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 20 Apr 2023 14:26:14 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"64414b86-e41c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 16:09:39 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 83D2 12 KB
5 KB 113ms
42ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8003904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaHW%2Fzxu6yXaL2oDoqDYlUwE%2BkhEloT2sIVZMjNbYEoulpr2jya82bT1vGEIARWHVgp06NpOjYTy1Ei1IAzndqPQR6kv5RyI%2FsGQ93cewRhkN%2F2z%2B8A2ognpyHbXYdtV4eE0NF36B7y9JZUvHBHttsJZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81719145da3134d3-WAW
expires: Sat, 05 Oct 2024 16:09:39 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 83D2 12 KB
6 KB 54ms
35ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 16:09:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 83D2 6 KB
6 KB 109ms
33ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F230502%2F6c678b4c3aaa4eb8985bff7ee55cf9b8_stepstone_job_portal_negative_rgb.png&v=3&w=236&rid=4&s=7_CNu2HE92VY0N_iL_RdSi9a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8c72a3dff093e2b513233428787a66ac759e8fa4f6516172e0d7884155f8409f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6225
expires: Fri, 04 Oct 2024 03:42:41 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 83D2 0
128 B 103ms
30ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=p5dF7PTOR5dww1RHWz-WXqqHuNrKUs_0FsxcZdpmdsWiJGV6LrL3CCi6syXDwIyztB-R0IyWjNROf3T61E0Und-MkgDHiIC1cLcRDzCqdkEJgj6bsgqhbMvVMlMTlE6u2yBY8HvG0aEVhc4we5G2LY3SqoZh6VpYQWhn-MFY7-kMy3ndoU1ZXlDoX9FTYgEn17Di5K0VucVe5bh3_Dl0GJd7VeLh4vIAIT3iQAPH3EA3RdjJz29SfM3ep0QGBnxHKjlIBQ&sds=2&rev=88837&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 16 Oct 2023 16:09:38 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 83D2 2 KB
1 KB 37ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 16:09:39 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 83D2 2 KB
1 KB 38ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 16:09:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BCA3 0
23 B 95ms
94ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxO1uQmAtZaP9LoXU7wLu4JZwyZ7SsVzVnZH3cMCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02MTU3NjkwNDM3NTk0NDI5yAEJqQJ0rdIaaLCxPqgDAcgDAqoEpwFP0KjRGCfPP6LlTO1SS5826NgAU_Ujo4vef0HlTdhDrwXIBMrM4R8LUPVYcF6MjAbsTdremZSdiFv4KLmld7RyPsgcAHraXJVKVY4X8DygXB_8Salt9MLFL1_xHRRWqcFZvjktEh9mXhlW3wltLbdk4C6rRYAB8bezrmxCY0uCyiCdt2vSz61iivE7dTvPF8Q3dFG0KqT4klka7sTgCP0CRFMOoyr234AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02MTU3NjkwNDM3NTk0NDI5GAA&sigh=lLg1phQigcs&uach_m=[UACH]&cid=CAQSTADICaaNQZCtc3-xusqr7FrZ_tvhL0FX6QNW14yCrLkY4aleoQhkNCLPUgVoomNxj9il9bW3W9EriuUuiVAemF8xMLcKT0BsxJobFZoYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=2583790460&adf=592325212&w=468&lmt=1697465378&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=http%3A%2F%2Fr0s.jcink.net%2F&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&dt=1697472578098&bpp=218&bdt=845&idt=527&shv=r20231011&mjsv=m202310100101&ptt=5&saldr=sd&abxe=1&correlator=4314921655485&frm=20&pv=2&ga_vid=1846418421.1697472579&ga_sid=1697472579&ga_hid=543588091&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078593%2C44805113%2C44805919%2C31078773&oid=2&pvsid=1949286255135703&tmod=550876855&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HWu43xpuj8&p=http%3A//r0s.jcink.net&dtd=557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Oct 2023 16:09:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Oct 2023 16:09:39 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame BCA3 0
126 B 114ms
31ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kJXPF4mvMNQDPJ2DYgICAAAALBgRSCZfgDwQQmAtZfaj_DyEN5tu1WAAABIAAAoKQVFVQkFRRUJBUQ&wp=ZS1gQgALvqMKW-oFAAWwboR02eYnZPaMqjIbMA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:09:39 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 158617
server: Kestrel
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 83D2 0
127 B 30ms
30ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 16 Oct 2023 16:09:39 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BCA3 42 B
64 B 325ms
206ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDvnP7fFv7CPzVnnG9nh8gk617kwy_9xUj3dcBixssNF0s9975p7xEDgs57Cn01jRdp_hyJrDC5xupkZupWtD9dwuO7L5lmIPyCUY&sig=Cg0ArKJSzCqswwiqMGUfEAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2583790460&rs=2&la=0&cr=0&vs=4&r=v&rst=1697472578658&rpt=886&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 16:09:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: enacademic.com
URL: https://enacademic.com/pictures/enwiki/74/Japanese_Imperial_Seal.svg

Domain: disweb.dashflo.net
URL: https://disweb.dashflo.net/channels/745056077057622189/745056077057622189?api=02e9b846-4512-4beb-adf0-317d7da5ca11

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
r0s.jcink.net/	1969-12-31 23:59:59	Name: session_id Value: cd0a0d337b7c0d01922fd159d8187346
r0s.jcink.net/	1970-01-21 00:16:48	Name: mobile_mode Value: -1
.jcink.net/	1970-01-21 00:52:48	Name: __gads Value: ID=911094d0b15ef32e:T=1697472578:RT=1697472578:S=ALNI_MYHg4qhlcu0sKtGRANzjKyhS2FQmQ
.jcink.net/	1970-01-21 00:52:48	Name: __gpi Value: UID=00000cbaea32e29e:T=1697472578:RT=1697472578:S=ALNI_MaKoeqcZ3Cb7EfJ9Et_diNvBKG-wg
.doubleclick.net/	1970-01-21 00:52:48	Name: IDE Value: AHWqTUkShc7O8xEHyLu84Af3hYU0Ws3CveXj7Ul0FJOBue5ozTkU6FAqGOuIxrBJl_g

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dl.dropboxusercontent.com/s/vpi3f9s7nhpe7v7/honeybee.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://enacademic.com/pictures/enwiki/74/Japanese_Imperial_Seal.svg Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=2583790460&adf=592325212&w=468&lmt=1697465378&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=http%3A%2F%2Fr0s.jcink.net%2F&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&dt=1697472578098&bpp=218&bdt=845&idt=527&shv=r20231011&mjsv=m202310100101&ptt=5&saldr=sd&abxe=1&correlator=4314921655485&frm=20&pv=2&ga_vid=1846418421.1697472579&ga_sid=1697472579&ga_hid=543588091&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078593%2C44805113%2C44805919%2C31078773&oid=2&pvsid=1949286255135703&tmod=550876855&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HWu43xpuj8&p=http%3A//r0s.jcink.net&dtd=557 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64.media.tumblr.com
ads.eu.criteo.com
agreeordie.com
ajax.googleapis.com
cat.nl3.eu.criteo.com
cdn.ebaumsworld.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
csm.eu.criteo.net
disweb.dashflo.net
dl.dropbox.com
dl.dropboxusercontent.com
enacademic.com
files.b1.jcink.com
files.jcink.net
fonts.googleapis.com
googleads.g.doubleclick.net
i.imgbox.com
i.pinimg.com
imageproxy.eu.criteo.net
images3.imgbox.com
maxcdn.bootstrapcdn.com
media.tenor.com
pagead2.googlesyndication.com
partner.googleadservices.com
placehold.it
r0s.jcink.net
rlv.zcache.com
rpgrating.com
rtb.nl3.eu.criteo.com
secure-gl.imrworldwide.com
sig.grumpybumpers.com
static.addtoany.com
static.criteo.net
steamuserimages-a.akamaihd.net
tpc.googlesyndication.com
via.placeholder.com
vignette.wikia.nocookie.net
www.googletagservices.com
www.placeholder.com
disweb.dashflo.net
enacademic.com
104.161.46.138
108.5.85.87
143.204.98.75
151.101.64.241
178.250.1.6
178.79.242.16
192.0.77.3
212.63.223.225
212.63.223.240
2600:9000:223c:e800:1e:a43d:b640:93a1
2606:4700:10::6816:47c5
2606:4700:3034::ac43:bad8
2606:4700::6810:5514
2606:4700::6811:190e
2606:4700::6812:bcf
2620:100:6022:15::a27d:420f
2a00:1450:4001:800::200a
2a00:1450:4001:803::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:831::200a
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:26f0:1700:d::1737:6eab
2a02:26f0:3500:18::1724:a297
2a04:4e42:200::649
2a06:98c1:3120::3
54.235.245.12
71.19.144.37
74.120.188.204
75.98.175.98
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
07068c82b72abcd0d11e6d58cfb647592708faa916afe33400f2e7e945adadf8
08ff720283f3abc76864cf0fa40a1bec3f14d7aa3a1265958ac3a8d22df4550d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e
1092934082f3c2723639d10413424bcd14918221aaf1526e2e7e8c1bc1ec96be
16ea98df371c043e34589b849544118a55801022a4898cb4809c63af0cade307
24252d6686ba0db029b12c62f77cf38f51f72d9b55ae884f7b2098a17413162a
254ee8a084947b96025a3c58631867761ae449eb084b0436d9f4aefa5b877ca5
2f7562c8d0dff59f38176a49521e169a7a4d0d6c021e14e20823a645506999c4
303e8013dab6b91259fbfc4f420ba62a730208c5c9b562a265a690aaccc7b9de
3098f0c20f3249f6ef2d31671b4b8afe47d3da930d5630436cd47d758c88c227
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b38a181392d71b1c50db704aa1b2705c7f8487112168ff4722f110dc47f1a6
34a13799a04b7736e8a7236655b90eed0cefa4f486e277bff9485a944b2ce0f9
34bf87c3870fd39d0ae308440e8d75d21ae6f74e9d4a97214db87a1e49daac64
446157a70a12930e3dc64a54a31cd710ce4a668fdc11a503545936b1e7ae2b43
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4aae1897e3106cb0205c506c7f6e002893e8669aeaac86b5cea1ac66f25888cf
4acd106fcba6bc8e6266984a30cb1b9798a0ae77c3f767cabd8a7ffdd356fc8e
4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
51e6d23e4a97f15652c1709f999062fcced9990b5090dde0d22b869247ea0869
53a3fdf6a76bebd0603a9070dc2aa026401c7bb183d8186f6e2fcceac35114cd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
607f6bea3df8a10f363c32c9fabc71b7b1c5b868588b530192490f1b30c60298
6a7dc9273ec915b17d657b89718901497c75921f6bbc6d677c76bc2a5c92b482
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
79b438afa851ba7373f6b11d13d45ed8a96eff0366f97205c312eba0850c105e
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
7ef2791030e9c2cc9579836c585061a8bd7e54eaa6dbb03d4f39b2c2d1dadb05
7f3c20825909bb222fd8ec5db0a985fb397c20a97d8362858ccfffb576e13a77
7f7be5da3d986314b6722d54bd878c054f4698a20d8b6950030e7d0772896fd2
8100261b0d8216cb30c22a7117ac261a68fba9b6d65d9e5d163508cbde8df678
86aef0239de251debd54d3177287f09afd13cad1ab477b5e99625cde328e5a54
8bd47115b403213277667f22168fa894598202ae08b473f6ee2bcb3b8128a810
8c72a3dff093e2b513233428787a66ac759e8fa4f6516172e0d7884155f8409f
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f520b33a8cce3f8f5f1634fd852d3365890c5f39a9be7548c3f0879f0e72ef5
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4
9357cbe2bd1d74e12bd19151d730465b4dc30ea86d202e4d1b61dd99c737b0b0
973cdf4604622a582de5ec5fc459eb8fd459f4e956639014bd093fd252e088e5
9a825167169a7545dbdfae7041c5554bb9fc666c4bb5898f5ebe4c4cf13bfff9
9e44a522f42ea65ada2082d3abd4a61ad7b78ca2f732e3e8c7d4cb39a90d6eac
9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
bc0ff83a62461c778338ec2553f83ed8fc85468939cf23d533e1dca955d2a9d1
c2070f3dbf7eeb6c2530aac9708c0d84a6ff08772330f33482aab3be2cd57080
caebd4676e90fb46d42cf3ee6af3d70df6c48f4b3d5838a82491ce2269fd3277
cb3d7faf374ffbc2a00d9de0ae9322e0347d4cd65837b714ff072fdd8cde7442
cc3d482e79df6bbf7303b4a847461b429fc7ee463a7307684e62d7692f52c6b1
cd973c2b1ef865b051fc1845de9ae66cbb072a601e4bda7157f3a986b1fea0df
d44c62654b3ede573d577c3718e1011bc54e0f8b5848aa9482eec5cbf19e1f9d
db32c015e4a319f87bd16f8917095505a63a5e25825e26cac929d3d06a337b1d
db7aeb33f9e6a889c4171a062e20490ed6055372174918fae7a2c29bbf37242d
deea9a8525578cd79c3c059e180c5e30f7b1e105b11a3f97c631a78d0a5565b9
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2c78eb1aabd291d8cb0afda195613638f562de6a2222def20fc503f1a76a23c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d773161647b1943e21a07d661fe10986c506f4fd48f1e21b329a324f312a1b
e79fa2ca5cfdeba3c69625ae433025fff95db569d007f04784919048944999d3
eee4cfa769b7416160f34ecbc48ddc2086388350baab9d29d30ea3f165b6fbab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fb9f4e9a2afa3eb9b9b4a031dabd468b581af1724f2a253085604a31613da1b3

r0s.jcink.net Open in urlscan Pro 104.161.46.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

78 %HTTPS

65 %IPv6

32 Domains

41 Subdomains

34 IPs

4 Countries

4978 kBTransfer

7124 kBSize

5 Cookies

6 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

r0s.jcink.net Open in urlscan Pro
104.161.46.138 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

78 %
HTTPS

65 %
IPv6

32
Domains

41
Subdomains

34
IPs

4
Countries

4978 kB
Transfer

7124 kB
Size

5
Cookies

79 HTTP transactions
1 data transactions