Submitted URL: https://ftim.eu/PW
Effective URL: https://smack.jcink.net/index.php?showtopic=1
Submission: On August 20 via manual from BR

Summary

This website contacted 21 IPs in 2 countries across 10 domains to perform 77 HTTP transactions. The main IP is 192.184.12.11, located in Los Angeles, United States and belongs to BLCC, US. The main domain is smack.jcink.net.
TLS certificate: Issued by R3 on June 8th 2021. Valid for: 3 months.
This is the only time smack.jcink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
19 files.jcink.net smack.jcink.net
12 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
10 pagead2.googlesyndication.com smack.jcink.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 fcdn.ftim.eu ftim.eu
fcdn.ftim.eu
3 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 smack.jcink.net ftim.eu
smack.jcink.net
3 ftim.eu 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
2 www.gstatic.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
77 19

This site contains links to these domains. Also see Links.

Domain
mtnl.eu
reurl.cc
www.invisionboard.com
jcink.com
www.invisionpower.com
Subject Issuer Validity Valid
ftim.eu
R3
2021-06-30 -
2021-09-28
3 months crt.sh
fcdn.ftim.eu
R3
2021-06-29 -
2021-09-27
3 months crt.sh
jcink.com
R3
2021-06-08 -
2021-09-06
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.google.de
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-07-26 -
2021-10-18
3 months crt.sh

This page contains 11 frames:

Primary Page: https://smack.jcink.net/index.php?showtopic=1
Frame ID: 56DC329B24EF2A65E620CDE64B63582B
Requests: 39 HTTP requests in this frame

Frame: https://smack.jcink.net/sb_iframe.php?step=D2
Frame ID: 1EE784A6D37C548474DACE7404E1CCE4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Frame ID: A6858EFFD6571BE7B28495E1C1D63092
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Frame ID: 44EB3601354E34B5C5BD9F842A721D40
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: EC2DA88BAB5CBF3145F0D277414A1849
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Frame ID: A0B7B786C92D1A6605C4B72F7C3A58CC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Frame ID: 85D1A70A0CF787825BD40714DD6464D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: 5025B11C1A60349F88E8379B84F53975
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&adk=1812271804&adf=3025194257&lmt=1629491027&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=7887076200&format=0x0&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491027439&bpp=2&bdt=1511&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46cadf461fb1b57f-22ad6814afc900f2%3AT%3D1629491026%3ART%3D1629491026%3AS%3DALNI_MbjUn0htykJsWrpwMOTJT85zetrxA&prev_fmts=468x60_as%2C728x90_as&nras=1&correlator=1584021859396&pv_ch=7887076200%2B&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&psts=AGkb-H9aehUn6gi1tbuf3uuWEj6soFajNrpWUq7WbxJfR1-T68hlIXoD64gI6xGZw8BvOqJ7yn28CMtTaLs%2CAGkb-H-5Om8Ld7m8hGXFVCTavL3HaN6j_QiW1LPIzwcwYDtJjrqPj7XgTiQnW7RD9CE-6ZfHhPl3XdPT&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=25
Frame ID: 8693CA9BCBECABE20A93FF1EA4BE8A48
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D978318EAA8CDD7BFB0955A2E2288A81
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61935BC215639DDB54A9E046370D02FA
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

My Community -> Forum Here

Page URL History Show full URLs

  1. https://ftim.eu/PW HTTP 302
    https://ftim.eu/r/PW Page URL
  2. https://ftim.eu/rv/ifYiBkXoxgBohddNEQdun1Gznm8z6USo9QHLaEaIUL6cYkZDac8xeO6Bafag93Fj HTTP 302
    https://smack.jcink.net/index.php?showtopic=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

77
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

19
Subdomains

21
IPs

2
Countries

1121 kB
Transfer

2098 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ftim.eu/PW HTTP 302
    https://ftim.eu/r/PW Page URL
  2. https://ftim.eu/rv/ifYiBkXoxgBohddNEQdun1Gznm8z6USo9QHLaEaIUL6cYkZDac8xeO6Bafag93Fj HTTP 302
    https://smack.jcink.net/index.php?showtopic=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ftim.eu/PW HTTP 302
  • https://ftim.eu/r/PW
Request Chain 47
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_k-GhyQEQsAkYsAkyCFS5gdEULWf0 HTTP 301
  • https://tpc.googlesyndication.com/simgad/14948897189863566484
Request Chain 65
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

77 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
PW
ftim.eu/r/
Redirect Chain
  • https://ftim.eu/PW
  • https://ftim.eu/r/PW
3 KB
1 KB
Document
General
Full URL
https://ftim.eu/r/PW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.212.219.220 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
mx1.fuchstim.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
b681907f111f8edcdf5e1db6c5a455f5c19b5a4dfc20c5d6fb1d9d5fa456b100

Request headers

:method
GET
:authority
ftim.eu
:scheme
https
:path
/r/PW
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:41 GMT
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-encoding
gzip
content-length
1082
content-type
text/html; charset=UTF-8

Redirect headers

date
Fri, 20 Aug 2021 20:23:41 GMT
server
Apache/2.4.25 (Debian)
location
https://ftim.eu/r/PW
content-type
text/html; charset=UTF-8
style_flat_min.css
fcdn.ftim.eu/res/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://fcdn.ftim.eu/res/css/style_flat_min.css
Requested by
Host: ftim.eu
URL: https://ftim.eu/r/PW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.28.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mx2.fuchstim.de
Software
Apache/2.4.38 (Debian) /
Resource Hash
e70f8c397c577c98a26f712732321bf64aaa45c7e2a43293cb8c0677ee1a0f32

Request headers

Referer
https://ftim.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:41 GMT
content-encoding
gzip
last-modified
Fri, 30 Mar 2018 13:46:22 GMT
server
Apache/2.4.38 (Debian)
etag
"ce6-568a1772cc780-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2419200
accept-ranges
bytes
content-length
860
expires
Fri, 17 Sep 2021 20:23:41 GMT
logo_w_small.png
fcdn.ftim.eu/res/img/
1 KB
1 KB
Image
General
Full URL
https://fcdn.ftim.eu/res/img/logo_w_small.png
Requested by
Host: ftim.eu
URL: https://ftim.eu/r/PW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.28.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mx2.fuchstim.de
Software
Apache/2.4.38 (Debian) /
Resource Hash
858e3bf23f68e20778b3a80c4190ec57b4059dc1be9f95b8da2e8ce6a1c8ff5f

Request headers

Referer
https://ftim.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:41 GMT
last-modified
Tue, 23 Oct 2018 11:31:09 GMT
server
Apache/2.4.38 (Debian)
etag
"414-578e3b4c26c12"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2419200
accept-ranges
bytes
content-length
1044
expires
Fri, 17 Sep 2021 20:23:41 GMT
jquery.min.js
fcdn.ftim.eu/res/js/
85 KB
30 KB
Script
General
Full URL
https://fcdn.ftim.eu/res/js/jquery.min.js
Requested by
Host: ftim.eu
URL: https://ftim.eu/r/PW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.28.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mx2.fuchstim.de
Software
Apache/2.4.38 (Debian) /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://ftim.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:41 GMT
content-encoding
gzip
last-modified
Sat, 17 Nov 2018 10:02:16 GMT
server
Apache/2.4.38 (Debian)
etag
"1538f-57ad960f1b67e-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2419200
accept-ranges
bytes
content-length
30307
expires
Fri, 17 Sep 2021 20:23:41 GMT
Roboto-Light.ttf
fcdn.ftim.eu/res/fonts/
166 KB
168 KB
Font
General
Full URL
https://fcdn.ftim.eu/res/fonts/Roboto-Light.ttf
Requested by
Host: fcdn.ftim.eu
URL: https://fcdn.ftim.eu/res/css/style_flat_min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.28.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mx2.fuchstim.de
Software
Apache/2.4.38 (Debian) /
Resource Hash
a6d343d425bc38db90152fa06058b1c7391eca9264f334ef65c1ce175085c6f6

Request headers

Origin
https://ftim.eu
Referer
https://fcdn.ftim.eu/res/css/style_flat_min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:41 GMT
last-modified
Fri, 30 Mar 2018 13:49:55 GMT
server
Apache/2.4.38 (Debian)
etag
"299b4-568a183dee6c0"
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=2419200
accept-ranges
bytes
content-length
170420
expires
Fri, 17 Sep 2021 20:23:41 GMT
Roboto-Regular.ttf
fcdn.ftim.eu/res/fonts/
168 KB
169 KB
Font
General
Full URL
https://fcdn.ftim.eu/res/fonts/Roboto-Regular.ttf
Requested by
Host: fcdn.ftim.eu
URL: https://fcdn.ftim.eu/res/css/style_flat_min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.28.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mx2.fuchstim.de
Software
Apache/2.4.38 (Debian) /
Resource Hash
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

Request headers

Origin
https://ftim.eu
Referer
https://fcdn.ftim.eu/res/css/style_flat_min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:42 GMT
last-modified
Fri, 30 Mar 2018 13:49:53 GMT
server
Apache/2.4.38 (Debian)
etag
"29e9c-568a183c06240"
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=2419200
accept-ranges
bytes
content-length
171676
expires
Fri, 17 Sep 2021 20:23:42 GMT
Primary Request Cookie set index.php
smack.jcink.net/
Redirect Chain
  • https://ftim.eu/rv/ifYiBkXoxgBohddNEQdun1Gznm8z6USo9QHLaEaIUL6cYkZDac8xeO6Bafag93Fj
  • https://smack.jcink.net/index.php?showtopic=1
37 KB
10 KB
Document
General
Full URL
https://smack.jcink.net/index.php?showtopic=1
Requested by
Host: ftim.eu
URL: https://ftim.eu/r/PW
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.12.11 Los Angeles, United States, ASN32421 (BLCC, US),
Reverse DNS
Software
nginx /
Resource Hash
4fa3c9b56f5edb221e887b2a467e74c8e9c4b1826e325c50427404793a5456e9

Request headers

Host
smack.jcink.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://ftim.eu/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ftim.eu/r/PW

Response headers

Server
nginx
Date
Sat, 21 Aug 2021 03:17:33 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
9520
Connection
keep-alive
Set-Cookie
session_id=b1a8355be3f68d9d511e09ee8dfe22aa; path=/; HttpOnly mobile_mode=-1; expires=Sat, 20-Aug-2022 20:23:45 GMT; path=/
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

date
Fri, 20 Aug 2021 20:23:45 GMT
server
Apache/2.4.25 (Debian)
location
https://smack.jcink.net/index.php?showtopic=1
content-type
text/html; charset=UTF-8
jquery-1.7.2.min.js
files.jcink.net/html/
93 KB
33 KB
Script
General
Full URL
https://files.jcink.net/html/jquery-1.7.2.min.js
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Content-Encoding
gzip
Last-Modified
Sun, 08 Jul 2012 10:03:46 GMT
Server
Apache
ETag
"5c8637-17278-4c44e9cf4d3af"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
33622
jquery.cookie-1.3.1.js
files.jcink.net/html/
2 KB
1 KB
Script
General
Full URL
https://files.jcink.net/html/jquery.cookie-1.3.1.js
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
9a825167169a7545dbdfae7041c5554bb9fc666c4bb5898f5ebe4c4cf13bfff9

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Aug 2013 04:57:13 GMT
Server
Apache
ETag
"980411-902-4e4821f947500"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1067
catcollapse.js
files.jcink.net/html/
3 KB
1 KB
Script
General
Full URL
https://files.jcink.net/html/catcollapse.js
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
9e44a522f42ea65ada2082d3abd4a61ad7b78ca2f732e3e8c7d4cb39a90d6eac

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jun 2013 15:44:45 GMT
Server
Apache
ETag
"5c6a9c-a54-4de55f5e091dc"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
851
spacer.gif
smack.jcink.net/style_images/1/
43 B
284 B
Image
General
Full URL
https://smack.jcink.net/style_images/1/spacer.gif
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.12.11 Los Angeles, United States, ASN32421 (BLCC, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
smack.jcink.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://smack.jcink.net/index.php?showtopic=1
Cookie
session_id=b1a8355be3f68d9d511e09ee8dfe22aa; mobile_mode=-1
Connection
keep-alive
Referer
https://smack.jcink.net/index.php?showtopic=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 21 Aug 2021 03:17:34 GMT
Last-Modified
Tue, 27 Jun 2006 00:33:28 GMT
Server
nginx
ETag
"5cc4f0-2b-41729d8f6e600"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
atb_help.gif
files.jcink.net/style_images/1/
587 B
854 B
Image
General
Full URL
https://files.jcink.net/style_images/1/atb_help.gif
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
973cdf4604622a582de5ec5fc459eb8fd459f4e956639014bd093fd252e088e5

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Fri, 21 Jul 2006 00:02:15 GMT
Server
Apache
ETag
"5cc494-24b-4190c35842fc0"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
587
atb_search.gif
files.jcink.net/style_images/1/
554 B
821 B
Image
General
Full URL
https://files.jcink.net/style_images/1/atb_search.gif
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
8bd47115b403213277667f22168fa894598202ae08b473f6ee2bcb3b8128a810

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Fri, 21 Jul 2006 00:02:16 GMT
Server
Apache
ETag
"5cc499-22a-4190c35937200"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
554
atb_members.gif
files.jcink.net/style_images/1/
641 B
908 B
Image
General
Full URL
https://files.jcink.net/style_images/1/atb_members.gif
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
caebd4676e90fb46d42cf3ee6af3d70df6c48f4b3d5838a82491ce2269fd3277

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Fri, 21 Jul 2006 00:02:15 GMT
Server
Apache
ETag
"5cc497-281-4190c35842fc0"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
641
atb_calendar.gif
files.jcink.net/style_images/1/
616 B
883 B
Image
General
Full URL
https://files.jcink.net/style_images/1/atb_calendar.gif
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
d44c62654b3ede573d577c3718e1011bc54e0f8b5848aa9482eec5cbf19e1f9d

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Fri, 21 Jul 2006 00:02:15 GMT
Server
Apache
ETag
"5cc490-268-4190c35842fc0"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
616
atb_shoutbox.gif
files.jcink.net/style_images/1/
361 B
628 B
Image
General
Full URL
https://files.jcink.net/style_images/1/atb_shoutbox.gif
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
cc3d482e79df6bbf7303b4a847461b429fc7ee463a7307684e62d7692f52c6b1

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Thu, 29 Jun 2006 23:57:09 GMT
Server
Apache
ETag
"5cc49a-169-41765b09c1f40"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
361
show_ads.js
pagead2.googlesyndication.com/pagead/
100 KB
35 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3a59146eed5adf30e39790940994d8cebf0d9602e3f1023db23d7b9a8cdf9e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36117
x-xss-protection
0
server
cafe
etag
13015674431668092314
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 20 Aug 2021 20:23:46 GMT
cat-collapse.png
files.jcink.net/themes/default/
1 KB
1 KB
Image
General
Full URL
https://files.jcink.net/themes/default/cat-collapse.png
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
8100261b0d8216cb30c22a7117ac261a68fba9b6d65d9e5d163508cbde8df678

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Mon, 01 Oct 2012 21:17:06 GMT
Server
Apache
ETag
"7c1835-4c0-4cb05ed831582"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1216
users.png
files.jcink.net/themes/default/
2 KB
2 KB
Image
General
Full URL
https://files.jcink.net/themes/default/users.png
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
6b631ffc891e5cb15a5faeff9185bf2d0d5690097314c1a068ce9892c8bafdb5

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Mon, 01 Oct 2012 21:19:14 GMT
Server
Apache
ETag
"7c1f07-6f9-4cb05f521e3d6"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1785
posts.png
files.jcink.net/themes/default/
2 KB
2 KB
Image
General
Full URL
https://files.jcink.net/themes/default/posts.png
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
25551288c06fbe787a77b3133453f396ed512d79ae30d442860e564b6788cb1d

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Mon, 01 Oct 2012 21:18:57 GMT
Server
Apache
ETag
"7c1f06-647-4cb05f418c8b2"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1607
joined.png
files.jcink.net/themes/default/
2 KB
2 KB
Image
General
Full URL
https://files.jcink.net/themes/default/joined.png
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
a654cde167587ff0f8ecaa0407794c6d6e51578d3bcba90e91d42f4799e1ce9c

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Mon, 01 Oct 2012 21:18:57 GMT
Server
Apache
ETag
"7c1f05-688-4cb05f41895bf"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1672
common.c.js
files.jcink.net/html/quickedit/
674 B
722 B
Script
General
Full URL
https://files.jcink.net/html/quickedit/common.c.js
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
3e47eeccc0aa3d6b0d8274aae508b534aace531184501a499d530914ac34a058

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 Mar 2017 00:14:34 GMT
Server
Apache
ETag
"5c5520-2a2-54a695ceb8562"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
402
qe.js
files.jcink.net/html/quickedit/
10 KB
3 KB
Script
General
Full URL
https://files.jcink.net/html/quickedit/qe.js
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
f4bee3671d0bda04559edf15971211246757d21f0f3f976d958ebb91627f5cb6

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Jun 2021 18:10:48 GMT
Server
Apache
ETag
"5e5c99-268f-5c5af2cfe13f5"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
3166
magnifying-glass.png
files.jcink.net/themes/default/
1001 B
1 KB
Image
General
Full URL
https://files.jcink.net/themes/default/magnifying-glass.png
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
08ff720283f3abc76864cf0fa40a1bec3f14d7aa3a1265958ac3a8d22df4550d

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Mon, 01 Oct 2012 21:17:06 GMT
Server
Apache
ETag
"7c1839-3e9-4cb05ed83d0ec"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1001
red-gradient-glass.png
files.jcink.net/themes/default/
260 B
527 B
Image
General
Full URL
https://files.jcink.net/themes/default/red-gradient-glass.png
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
6bb4589f1239aca63c1cb896a8594f838a2d7f02e6b46a714791b16caf66a5eb

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Mon, 01 Oct 2012 21:17:06 GMT
Server
Apache
ETag
"7c1efb-104-4cb05ed846d10"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
260
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=smack.jcink.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95446
x-xss-protection
0
server
cafe
etag
16230733116024533272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 20 Aug 2021 20:23:46 GMT
Cookie set sb_iframe.php
smack.jcink.net/ Frame 1EE7
16 KB
4 KB
Document
General
Full URL
https://smack.jcink.net/sb_iframe.php?step=D2
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.12.11 Los Angeles, United States, ASN32421 (BLCC, US),
Reverse DNS
Software
nginx /
Resource Hash
d8f511e792d8bcbfdb6025cfb375b5d7d1b8555271a3c3a74a249d85852758e4

Request headers

Host
smack.jcink.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://smack.jcink.net/index.php?showtopic=1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
session_id=b1a8355be3f68d9d511e09ee8dfe22aa; mobile_mode=-1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://smack.jcink.net/index.php?showtopic=1

Response headers

Server
nginx
Date
Sat, 21 Aug 2021 03:17:34 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
3812
Connection
keep-alive
Set-Cookie
session_id=b1a8355be3f68d9d511e09ee8dfe22aa; path=/; HttpOnly
Vary
Accept-Encoding
Content-Encoding
gzip
white-gradient.png
files.jcink.net/themes/default/
1 KB
1 KB
Image
General
Full URL
https://files.jcink.net/themes/default/white-gradient.png
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
e65fa30610e5bea52045d9186830c2c96552e1857585fbe4534e6e2f345326f0

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Mon, 01 Oct 2012 21:17:07 GMT
Server
Apache
ETag
"7c1f03-47e-4cb05ed85e065"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1150
red-gradient.png
files.jcink.net/themes/default/
974 B
1 KB
Image
General
Full URL
https://files.jcink.net/themes/default/red-gradient.png
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
9ed41948f68782f125665891f8fd849909885c48d83df03291bfe8ddca79df49

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Mon, 01 Oct 2012 21:17:06 GMT
Server
Apache
ETag
"7c1efa-3ce-4cb05ed8445ff"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
974
thin-gray-gradient.png
files.jcink.net/themes/default/
925 B
1 KB
Image
General
Full URL
https://files.jcink.net/themes/default/thin-gray-gradient.png
Requested by
Host: smack.jcink.net
URL: https://smack.jcink.net/index.php?showtopic=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS
pool-74-102-155-91.nwrknj.fios.verizon.net
Software
Apache /
Resource Hash
f058f7e6bf5c40f7fe1abbe949c12028c66775a4cc6039228ecf5bbf5c3107dd

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:23:46 GMT
Last-Modified
Mon, 01 Oct 2012 21:17:07 GMT
Server
Apache
ETag
"7c1f00-39d-4cb05ed853c2f"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
925
cookie.js
partner.googleadservices.com/gampad/
199 B
656 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=smack.jcink.net&callback=_gfp_s_&client=ca-pub-6157690437594429
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=smack.jcink.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1f12ddd4ebdcc954b56af69bab02c6a1c2b85cb1400fe7b3a11b626dacfd425d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=smack.jcink.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=smack.jcink.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 20:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=smack.jcink.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=smack.jcink.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 20:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A685
92 KB
27 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=smack.jcink.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
509e66e9d57dc801bf65ad9809b588f731c9c13f5495b53de37145f0c7932719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://smack.jcink.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://smack.jcink.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 20 Aug 2021 20:23:46 GMT
server
cafe
content-length
27592
x-xss-protection
0
set-cookie
IDE=AHWqTUmjBd8I_GTE1QI1K8kfC3UlLKtE0P9Cq50tPfO_c_lGfCKjDC7W9JrELIXbCaI; expires=Wed, 14-Sep-2022 20:23:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 20:23:46 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=smack.jcink.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:46 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286089745720"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27752
x-xss-protection
0
expires
Fri, 20 Aug 2021 20:23:46 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 44EB
85 KB
27 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=smack.jcink.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dbf2428f20d7b5c89e48df54126458af3b9d2eb5b952bee1952adcda2b019db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://smack.jcink.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://smack.jcink.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 20 Aug 2021 20:23:46 GMT
server
cafe
content-length
27574
x-xss-protection
0
set-cookie
IDE=AHWqTUm99LiGdQMiVmcDv44K-12Y4eszrOwPauinkwRtLJH2uXnwGWuCHjeio0PRWyA; expires=Wed, 14-Sep-2022 20:23:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 20:23:46 GMT
cache-control
private
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame A685
1 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 20:20:24 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame A685
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 20:21:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame A685
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:19:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 20:19:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A685
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:46 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286078051219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Fri, 20 Aug 2021 20:23:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame A685
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:15:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 20:15:20 GMT
b0b7c8cfc8b22cb6a71ecf22b35577d4.js
www.gstatic.com/mysidia/ Frame A685
26 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b0b7c8cfc8b22cb6a71ecf22b35577d4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10765
x-xss-protection
0
last-modified
Tue, 17 Aug 2021 04:05:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Nov 2021 13:07:28 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame A685
13 KB
13 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTNmQXrBCBxY_exF6FF63ucOgIneKXO5CYhgZGmpYuam9wwKrc&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38c956b34dc567320caf014eb52094db8f92cf6aabc56d66df4f6d2aca78f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:40:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 01:06:19 GMT
server
sffe
age
322999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13313
x-xss-protection
0
expires
Wed, 17 Aug 2022 02:40:27 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame A685
11 KB
11 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQwouGQKejtt-pDNlmuW7DUoL-0FI1lx5Z3LDEi4AIOybiJ9tB6&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e4d83b427c99a1978774c5e2b7eaa34f666f89b15a760bf63f4ba1d83db38d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:23:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 16:36:26 GMT
server
sffe
age
324013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11438
x-xss-protection
0
expires
Wed, 17 Aug 2022 02:23:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A685
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CqzmqUg8gYezPKYPN7_UPztSh4AXX-KnJZNfz9NuLDtrZHhABIJvIpwJglQKgAaGi6N0DyAEJqQKVf20fxJ6zPqgDAcgDywSqBMEBT9C5vbb7-dT8Z3KWpsREOoA7WXlELBdPAkPEhiXac9KPzWAUczf9-Nt6aYv3LMH2iwgCQxDCKNbhjNIpmEyUHKKC2uDWulqxwVXcFkt2PHuopXcZDk7tuDNxa2vT3m11v68tdSr1CvOgU0oFnXAdQPMWxu_q2vqFs0NFO2Lzty7NsJDgE0grilo_WY9-rzYRoH4hRey7iizA0ENDQWwei2_5xP2dyjnojl_noVvAl9s-VqR0Cvmiz6l8YbTiGqB5g8AEzPKIvcYDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8fdlyKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcDEP5Z0ggJCIDhgHAQARgfgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTYxNTc2OTA0Mzc1OTQ0MjkYAA&sigh=y1eIt4lFwCs&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 20 Aug 2021 20:23:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
shopping
encrypted-tbn0.gstatic.com/ Frame A685
17 KB
17 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTTULWpq6CZKb4BGhLAzFyGdzTLuyxTa7tX_o1rY0Exv0FH2pE0oIaJNwMNfA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79b446b62ecadae0e5f36859d34256636cee47b1ca430d00e5260d5164f40fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 11:28:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Aug 2021 02:08:02 GMT
server
sffe
age
377742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16924
x-xss-protection
0
expires
Tue, 16 Aug 2022 11:28:04 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame A685
12 KB
13 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSYOKrwai1qF1iRWBruAaRHoG73PK87Tw4WCqD8WFsCMD0u0E6whvlM7DON3g&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0da82bf8b350a6e43585878a7b9d8659e332e412655bf9ff604e88b5dad728f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 11:40:47 GMT
x-content-type-options
nosniff
last-modified
Sat, 14 Nov 2020 01:17:14 GMT
server
sffe
age
290580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12768
x-xss-protection
0
expires
Wed, 17 Aug 2022 11:40:47 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame A685
5 KB
6 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSkNxTe1HxTIQwdF0axJtRoruAukZwjsZ3H5QpqperLkoqMrpar&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08c9f627c09afcfe0711dc5e88ba32935a118dcb3960794232290d524185a47c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:13:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Nov 2020 02:04:48 GMT
server
sffe
age
331824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5511
x-xss-protection
0
expires
Wed, 17 Aug 2022 00:13:23 GMT
14948897189863566484
tpc.googlesyndication.com/simgad/ Frame A685
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_k-GhyQEQsAkYsAkyCFS5gdEULWf0
  • https://tpc.googlesyndication.com/simgad/14948897189863566484
126 KB
126 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14948897189863566484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de4893a677f58b92e5b79c780e167626ccb9a34bede94d5d03d828363ef139fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 22:30:57 GMT
x-content-type-options
nosniff
age
337970
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128532
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 11:27:51 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 22:30:57 GMT

Redirect headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 03:15:20 GMT
x-content-type-options
nosniff
server
cafe
age
61707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/14948897189863566484
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 19 Sep 2021 03:15:20 GMT
css
fonts.googleapis.com/ Frame 44EB
3 KB
578 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 18:42:20 GMT
server
ESF
date
Fri, 20 Aug 2021 20:23:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Aug 2021 20:23:47 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 44EB
1 KB
857 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 20:20:24 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 44EB
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 20:21:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 44EB
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:19:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 20:19:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 44EB
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:47 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286078051219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Fri, 20 Aug 2021 20:23:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 44EB
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:15:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
507
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 20:15:20 GMT
l
www.google.com/ads/measurement/ Frame 44EB
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRegW0mc-DfmJJlj_8xlM8usrNjirhANUWd_oyg0_77Cqnn1pUd7Oj8MM5JSSfCIUp_qHyj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

b0b7c8cfc8b22cb6a71ecf22b35577d4.js
www.gstatic.com/mysidia/ Frame 44EB
26 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b0b7c8cfc8b22cb6a71ecf22b35577d4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10765
x-xss-protection
0
last-modified
Tue, 17 Aug 2021 04:05:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Nov 2021 13:07:28 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 44EB
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGyl9Ug8gYe2cKuXY7_UPiZ-70A-f6PXFZNCs4caZDdrZHhABIJvIpwJglQKgAYWg6MADyAEBqQKVf20fxJ6zPqgDAcgDywSqBMYBT9DzerojJ7y0LRn9IOTqkkAd6WsSyzAtvQsOvQ8ltIu4j3PkH-5wZAl5GncCVtx-KWuH9nhSONYasdKR8vkPQ-PVDJylZQ0UQyXc5lnZny0E6Haat3xup1sqbYR2Z0QWBAPGlSGv3r4bP7FsD-dcj7oG2CkRT2KzZaYc3anlk3WPnE6eUrjX3XAw3ZH-pyasJHdrY_GvxjpyxOS1LxMRcPNsGWd0DbtUSFRd7usWu6yPaH-Ipd93sT3osBZ6TDZJacK8m4T0wATv-6fuyAOSBQQIBBgBkgUECAUYBIAH-YlaqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELbzAdIICQiA4YBwEAEYH4AKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi02MTU3NjkwNDM3NTk0NDI5GAA&sigh=H_WFofVVsfY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 20 Aug 2021 20:23:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame A685
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdde89896ddc3909563c14cdc1687619191927063bad9d0e1a303752c3ee1103

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame EC2D
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm99LiGdQMiVmcDv44K-12Y4eszrOwPauinkwRtLJH2uXnwGWuCHjeio0PRWyA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 20 Aug 2021 20:16:33 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
434
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 44EB
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a48ce0d7ff31ddc451e565fd82dc05c5a6923bb8acb60c45e437fb8dba0a7764

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
pagead2.googlesyndication.com/bg/ Frame A0B7
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=3703778500&adf=58380547&w=468&lmt=1629491026&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026529&bpp=17&bdt=601&idt=114&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1584021859396&frm=20&pv=2&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfuCHTxO5n&p=https%3A//smack.jcink.net&dtd=136
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 16:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
14221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 16:26:46 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 44EB
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:11 GMT
x-content-type-options
nosniff
age
246156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:01:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:11 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 44EB
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:03 GMT
x-content-type-options
nosniff
age
246164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:00:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49909
x-xss-protection
0
server
cafe
etag
7723420151934129076
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 20 Aug 2021 20:23:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=smack.jcink.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff2ff52f4eec3ec752941d22de649ad8294dddb659e2dab2e9f939aa0bd5bd0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 20:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8624
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame EC2D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm99LiGdQMiVmcDv44K-12Y4eszrOwPauinkwRtLJH2uXnwGWuCHjeio0PRWyA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 20:23:47 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 20-Aug-2021 21:23:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 20:23:47 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 20:23:47 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
pagead2.googlesyndication.com/bg/ Frame 85D1
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=90&adk=4106277735&adf=3065513656&w=728&lmt=1629491026&channel=5530303035&ad_type=text%2Fimage&format=728x90_as&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491026553&bpp=9&bdt=626&idt=118&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_fmts=468x60_as&correlator=1584021859396&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wppIeVRKqy&p=https%3A//smack.jcink.net&dtd=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 16:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
14221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 16:26:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=smack.jcink.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 20:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 20 Aug 2021 20:23:47 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame 5025
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210812/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://smack.jcink.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm99LiGdQMiVmcDv44K-12Y4eszrOwPauinkwRtLJH2uXnwGWuCHjeio0PRWyA; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://smack.jcink.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 19 Aug 2021 20:32:15 GMT
expires
Thu, 02 Sep 2021 20:32:15 GMT
content-type
text/html; charset=UTF-8
etag
8999110079160743657
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4576
x-xss-protection
0
age
85892
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=smack.jcink.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=smack.jcink.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 20:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=smack.jcink.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=smack.jcink.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 20:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8693
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&adk=1812271804&adf=3025194257&lmt=1629491027&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=7887076200&format=0x0&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491027439&bpp=2&bdt=1511&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46cadf461fb1b57f-22ad6814afc900f2%3AT%3D1629491026%3ART%3D1629491026%3AS%3DALNI_MbjUn0htykJsWrpwMOTJT85zetrxA&prev_fmts=468x60_as%2C728x90_as&nras=1&correlator=1584021859396&pv_ch=7887076200%2B&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&psts=AGkb-H9aehUn6gi1tbuf3uuWEj6soFajNrpWUq7WbxJfR1-T68hlIXoD64gI6xGZw8BvOqJ7yn28CMtTaLs%2CAGkb-H-5Om8Ld7m8hGXFVCTavL3HaN6j_QiW1LPIzwcwYDtJjrqPj7XgTiQnW7RD9CE-6ZfHhPl3XdPT&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=25
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=smack.jcink.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6157690437594429&output=html&adk=1812271804&adf=3025194257&lmt=1629491027&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=7887076200&format=0x0&url=https%3A%2F%2Fsmack.jcink.net%2Findex.php%3Fshowtopic%3D1&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629491027439&bpp=2&bdt=1511&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46cadf461fb1b57f-22ad6814afc900f2%3AT%3D1629491026%3ART%3D1629491026%3AS%3DALNI_MbjUn0htykJsWrpwMOTJT85zetrxA&prev_fmts=468x60_as%2C728x90_as&nras=1&correlator=1584021859396&pv_ch=7887076200%2B&frm=20&pv=1&ga_vid=1488497908.1629491027&ga_sid=1629491027&ga_hid=1794782761&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062179%2C31062297&oid=3&psts=AGkb-H9aehUn6gi1tbuf3uuWEj6soFajNrpWUq7WbxJfR1-T68hlIXoD64gI6xGZw8BvOqJ7yn28CMtTaLs%2CAGkb-H-5Om8Ld7m8hGXFVCTavL3HaN6j_QiW1LPIzwcwYDtJjrqPj7XgTiQnW7RD9CE-6ZfHhPl3XdPT&pvsid=747599373010381&ref=https%3A%2F%2Fftim.eu%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=25
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://smack.jcink.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm99LiGdQMiVmcDv44K-12Y4eszrOwPauinkwRtLJH2uXnwGWuCHjeio0PRWyA; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://smack.jcink.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 20:23:47 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D978
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://smack.jcink.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://smack.jcink.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 20 Aug 2021 18:34:19 GMT
expires
Sat, 20 Aug 2022 18:34:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6568
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6193
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dfd2ae6abd2604b0172be65f0bff33fa0aad3b0e823e07e479ba3b8c24526abe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w7mXTjM9I+fmJ+RRkDY01Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://smack.jcink.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://smack.jcink.net/

Response headers

expires
Fri, 20 Aug 2021 20:23:47 GMT
date
Fri, 20 Aug 2021 20:23:47 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-w7mXTjM9I+fmJ+RRkDY01Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
pagead2.googlesyndication.com/bg/ Frame D978
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 16:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
14221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 16:26:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=747599373010381&bg=!FxSlFFDNAAZvV8FTb1c7ACkAdvg8WjWIOVQW9l6FYYuYQI-MqdZBYHe9rpFTnHPlJUfbk5pj4PNuOAIAAACSUgAAAA1oAQeZAm9DywT040KvNVff1v1Dl92--BSHr91rhsJ_Q5v5Xhpmgf3fI14mlNVXYRkQIXDKZZFZNcnRGlvKyY3W7tCeUES3p7PGB20jW2X32Q2XBCHxSrluGhDOUphrZ0z_j-HUMa4lOgRSU96I1hidCy7o-1ltGKQC-aN6g1XeNHFUPWKrwu-SwjEh9xsutEJaemImxCXlPcWtQdgQcCy0ORQECzCAOSBx3Elprbc9aq0TsoNnSqj3FDzf3PsV6ppdO0A_QhEO9gfNU3Cz5n8M41EzQaUo80bdXxDlILU21qsRFIjcfwilsRsr2nTkOwYtfocCJ4dsbzJnUWTaJqnoQf64C5-PWgVAsJDPdIia2gcz7UDR04JqaxbQegK5-rSZ5BH5lhGykUQ6dV6N4vq4ymnEuuMCno2TsKZwVPKDxFgCJWeYznCyeOX_uD96ujE2oaYehuEqHXuEyUd5XBaWR0u45XHE3xRA5rXfsb8DJPSM-2yW77t9yLM7t2lFv5t3NlkbGJPVA-xa-GRhgRYVNQR7Gm80IVBbokGZwKwXvhAcakTCB5Ow2iGOR8OVIrSk0kTVmBX2remBCbinJ_A0svuzNv_JnUKnm9vTMSmFkU0dWUULsIsMx4qvJYD0OutOeQcBy0MbwV0agqyD7uYQ4GbksWohW7N3MHxbBsXq5KstIXo1_QxClhLPVd_M1GKRpFouW9F4vVbhOJKMBFYaPnHzhUaagBSUuagkP8hIfUxCO6mKXiWMCd19CgT8dtMJwXxvOUbiumq-HFnnfpnCcBGowORrbc0vtX7O6lYTwoa9pxJiD6ntY0mzftv4NimBP04KlQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://smack.jcink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 20:23:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A685
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst16CuKxL2R7yJ3J9y3YCLKVOs8fKiJ_FwBF7RK0Wb09PiclQabfvEKSzbsk3K96qkWNH-kPlfb2os20TMuc5c81Xw6ytVoWaFzdixsqIh5fM2BxqBFQs7GXkLNMVMXoFqyubQsriLKa-DWxsiRbKADxQ&sai=AMfl-YS-7zQUrgVDG4Ghhsf-OWnk2BxqhU9cKjR9hVa7yEZIax2L4XimqiW_vPGhpUKoJ3akbG3LG764U8JQS2F6E8B8jFAxg8CwV6U&sig=Cg0ArKJSzEd7FiWygpsPEAE&cid=CAASPeRobs-2LHxMQbF9ixG_LqSIETODCoqHaZy3DHv5GnwDRZi-H1gYIrkWvTWxdtC2nb1ME1S6icweiwwqnJ0&id=lidar2&mcvt=1000&p=147,566,207,1034&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210818&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3703778500&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629491026667&dlt=299&rpt=64&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 20:23:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 44EB
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNvjVGP3LvMPbbsQvNj3FIgdLNh1BtmCmECcgcy8m9pNvq8hVnAHnWugeEmQ9Cd94yIvWzcHhX6PmSXWvagKZsfvYwf4xD2Bs5dz-uwz9CdUhZwNLrhuxtQGflag&sai=AMfl-YQaCjhv7HS_1AT8WJFO7IM_Y0W3GezYOM6jkQqcTUrU_E03aPcdVJa_x3f5jTnNDL_ys94nHCxnDmuWSJ1Kb8gC-ZNaleHjwVU&sig=Cg0ArKJSzMaoeiXskS8qEAE&cid=CAASPeRog3EB9SUqD3FQuTDDOXrFi95Em0NBHAZle7yuMGOn6bYl3GEkLPn9ZEBGtTV44gVYdv1T0tTr6vg9hmo&id=lidar2&mcvt=1000&p=929,436,1019,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210818&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4106277735&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629491026677&dlt=321&rpt=47&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 20:23:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| ccreateCookie function| creadCookie function| cdeleteCookie function| catcollapse string| ipb_var_cookieid string| ipb_var_cookie_domain string| ipb_var_cookie_path function| expand_mot function| collapse_mot function| buddy_pop function| chat_pop function| multi_page_jump string| Collapse string| Expand object| google_ad_client object| google_ad_width object| google_ad_height object| google_ad_format object| google_ad_type object| google_color_border object| google_color_bg object| google_color_link object| google_color_url object| google_color_text object| google_alternate_ad_url object| google_ad_channel object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired object| google_sa_queue object| google_sl_win function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_slot object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_line object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map function| emo_popb function| bbc_pop string| google_user_agent_client_hint function| select_post function| link_to_post function| delete_post function| PopUp function| ShowHide function| expMenu object| SKIFS function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| googletag object| adsbygoogle object| GoogleGcLKhOms function| google_spfd object| google_image_requests

4 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUm99LiGdQMiVmcDv44K-12Y4eszrOwPauinkwRtLJH2uXnwGWuCHjeio0PRWyA
.jcink.net/ Name: __gads
Value: ID=46cadf461fb1b57f-22ad6814afc900f2:T=1629491026:RT=1629491026:S=ALNI_MbjUn0htykJsWrpwMOTJT85zetrxA
smack.jcink.net/ Name: mobile_mode
Value: -1
smack.jcink.net/ Name: session_id
Value: b1a8355be3f68d9d511e09ee8dfe22aa

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fcdn.ftim.eu
files.jcink.net
fonts.googleapis.com
fonts.gstatic.com
ftim.eu
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
smack.jcink.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
159.69.28.223
173.212.219.220
192.184.12.11
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::200e
74.102.155.91
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
08c9f627c09afcfe0711dc5e88ba32935a118dcb3960794232290d524185a47c
08ff720283f3abc76864cf0fa40a1bec3f14d7aa3a1265958ac3a8d22df4550d
0da82bf8b350a6e43585878a7b9d8659e332e412655bf9ff604e88b5dad728f5
0dbf2428f20d7b5c89e48df54126458af3b9d2eb5b952bee1952adcda2b019db
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1f12ddd4ebdcc954b56af69bab02c6a1c2b85cb1400fe7b3a11b626dacfd425d
21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae
25551288c06fbe787a77b3133453f396ed512d79ae30d442860e564b6788cb1d
38c956b34dc567320caf014eb52094db8f92cf6aabc56d66df4f6d2aca78f95a
3e47eeccc0aa3d6b0d8274aae508b534aace531184501a499d530914ac34a058
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fa3c9b56f5edb221e887b2a467e74c8e9c4b1826e325c50427404793a5456e9
509e66e9d57dc801bf65ad9809b588f731c9c13f5495b53de37145f0c7932719
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137
6b631ffc891e5cb15a5faeff9185bf2d0d5690097314c1a068ce9892c8bafdb5
6bb4589f1239aca63c1cb896a8594f838a2d7f02e6b46a714791b16caf66a5eb
79b446b62ecadae0e5f36859d34256636cee47b1ca430d00e5260d5164f40fc4
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
8100261b0d8216cb30c22a7117ac261a68fba9b6d65d9e5d163508cbde8df678
858e3bf23f68e20778b3a80c4190ec57b4059dc1be9f95b8da2e8ce6a1c8ff5f
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
8bd47115b403213277667f22168fa894598202ae08b473f6ee2bcb3b8128a810
973cdf4604622a582de5ec5fc459eb8fd459f4e956639014bd093fd252e088e5
9a825167169a7545dbdfae7041c5554bb9fc666c4bb5898f5ebe4c4cf13bfff9
9e44a522f42ea65ada2082d3abd4a61ad7b78ca2f732e3e8c7d4cb39a90d6eac
9ed41948f68782f125665891f8fd849909885c48d83df03291bfe8ddca79df49
a48ce0d7ff31ddc451e565fd82dc05c5a6923bb8acb60c45e437fb8dba0a7764
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a654cde167587ff0f8ecaa0407794c6d6e51578d3bcba90e91d42f4799e1ce9c
a6d343d425bc38db90152fa06058b1c7391eca9264f334ef65c1ce175085c6f6
b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7
b681907f111f8edcdf5e1db6c5a455f5c19b5a4dfc20c5d6fb1d9d5fa456b100
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
c3a59146eed5adf30e39790940994d8cebf0d9602e3f1023db23d7b9a8cdf9e9
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
caebd4676e90fb46d42cf3ee6af3d70df6c48f4b3d5838a82491ce2269fd3277
cc3d482e79df6bbf7303b4a847461b429fc7ee463a7307684e62d7692f52c6b1
cdde89896ddc3909563c14cdc1687619191927063bad9d0e1a303752c3ee1103
d44c62654b3ede573d577c3718e1011bc54e0f8b5848aa9482eec5cbf19e1f9d
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d8f511e792d8bcbfdb6025cfb375b5d7d1b8555271a3c3a74a249d85852758e4
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
de4893a677f58b92e5b79c780e167626ccb9a34bede94d5d03d828363ef139fd
dfd2ae6abd2604b0172be65f0bff33fa0aad3b0e823e07e479ba3b8c24526abe
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65fa30610e5bea52045d9186830c2c96552e1857585fbe4534e6e2f345326f0
e70f8c397c577c98a26f712732321bf64aaa45c7e2a43293cb8c0677ee1a0f32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f058f7e6bf5c40f7fe1abbe949c12028c66775a4cc6039228ecf5bbf5c3107dd
f4bee3671d0bda04559edf15971211246757d21f0f3f976d958ebb91627f5cb6
f4e4d83b427c99a1978774c5e2b7eaa34f666f89b15a760bf63f4ba1d83db38d
ff2ff52f4eec3ec752941d22de649ad8294dddb659e2dab2e9f939aa0bd5bd0e