xmr.jcink.net Open in urlscan Pro
192.184.12.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://xmr.jcink.net/
Submission: On September 21 via manual (September 21st 2021, 4:31:34 pm UTC) from US — Scanned from DE

Summary HTTP 86 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 21 domains to perform 86 HTTP transactions. The main IP is 192.184.12.11, located in Los Angeles, United States and belongs to BLCC, US. The main domain is xmr.jcink.net.

This is the only time xmr.jcink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	192.184.12.11 192.184.12.11	32421 (BLCC) (BLCC)
11	74.102.155.91 74.102.155.91	701 (UUNET) (UUNET)
4	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 9	162.159.135.233 162.159.135.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 12	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
1	185.119.173.128 185.119.173.128	198047 (UKWEB-EQX) (UKWEB-EQX)
3 5	2606:4700:303... 2606:4700:3030::6815:3c95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.166.139.86 188.166.139.86	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	2600:3c02::f0... 2600:3c02::f03c:91ff:fee2:5b0f	63949 (LINODE-AP...) (LINODE-AP Linode)
1	45.79.244.12 45.79.244.12	63949 (LINODE-AP...) (LINODE-AP Linode)
1	148.72.158.137 148.72.158.137	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
2	185.59.220.199 185.59.220.199	60068 (CDN77 ^_^) (CDN77 ^_^)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
10	162.159.136.232 162.159.136.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
86	23

1 192.184.12.11 (Los Angeles, United States)

ASN32421 (BLCC, US)

xmr.jcink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 74.102.155.91 (Bergenfield, United States)

ASN701 (UUNET, US)
PTR: pool-74-102-155-91.nwrknj.fios.verizon.net

files.jcink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 162.159.135.233 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.112.193 (Frankfurt am Main, Germany) 6 redirects

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.119.173.128 (Slough, United Kingdom)

ASN198047 (UKWEB-EQX, DE)

rpgrating.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::6815:3c95 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.toprpsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.139.86 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

www.top-site-list.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:3c02::f03c:91ff:fee2:5b0f (Atlanta, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

sp-topsites.13days.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.244.12 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com

simcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.72.158.137 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: condor3827.startdedicated.com

marveltopsites.gotop100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.59.220.199 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-722.bunnyinfra.net

cdnw.nickpic.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 162.159.136.232 (None, )

ASN13335 (CLOUDFLARENET, US)

discord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	248 KB
12	imgur.com 6 redirects i.imgur.com	241 KB
12	jcink.net xmr.jcink.net files.jcink.net	198 KB
10	discord.com discord.com	179 KB
9	discordapp.com 1 redirects cdn.discordapp.com discordapp.com	353 KB
5	doubleclick.net googleads.g.doubleclick.net	33 KB
5	toprpsites.com 3 redirects www.toprpsites.com	198 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	74 KB
4	fontawesome.com use.fontawesome.com	88 KB
3	google.com adservice.google.com www.google.com	2 KB
2	googletagservices.com www.googletagservices.com	66 KB
2	google.de adservice.google.de	1018 B
2	nickpic.host cdnw.nickpic.host	2 MB
2	googleapis.com fonts.googleapis.com	2 KB
1	googleadservices.com partner.googleadservices.com	656 B
1	gotop100.com marveltopsites.gotop100.com	20 KB
1	simcast.com simcast.com
1	13days.net 1 redirects sp-topsites.13days.net	395 B
1	top-site-list.com www.top-site-list.com	15 KB
1	rpgrating.com rpgrating.com	3 KB
0	icyboards.net Failed static18.icyboards.net Failed
86	21

	Domain	Requested by
12	i.imgur.com	6 redirects xmr.jcink.net
11	pagead2.googlesyndication.com	xmr.jcink.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	files.jcink.net	xmr.jcink.net
10	discord.com	xmr.jcink.net discord.com
8	cdn.discordapp.com	xmr.jcink.net
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
5	www.toprpsites.com	3 redirects xmr.jcink.net
4	use.fontawesome.com	xmr.jcink.net use.fontawesome.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdnw.nickpic.host	xmr.jcink.net
2	fonts.googleapis.com	xmr.jcink.net googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	discordapp.com	1 redirects
1	marveltopsites.gotop100.com	xmr.jcink.net
1	simcast.com	xmr.jcink.net
1	sp-topsites.13days.net	1 redirects
1	www.top-site-list.com	xmr.jcink.net
1	rpgrating.com	xmr.jcink.net
1	xmr.jcink.net
0	static18.icyboards.net Failed	xmr.jcink.net
86	26

This site contains links to these domains. Also see Links.

Domain
discord.gg
cttw.jcink.net
shine.jcink.net
evviecodes.tumblr.com
www.invisionboard.com
jcink.com
www.invisionpower.com
rpgrating.com
rpg-directory.com
www.toprpsites.com
www.top-site-list.com
sp-topsites.13days.net
marveltopsites.gotop100.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
jcink.com R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
*.simcast.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-21` - `2022-05-22`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://xmr.jcink.net/
Frame ID: 7EFB5EB36A0AE12657E93AFADB83036E
Requests: 48 HTTP requests in this frame

Frame: https://discord.com/widget?id=310743453375922177&theme=dark
Frame ID: 713558B5B3FF52086213AEBBF5ED21E2
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=473210030&adf=3485687219&w=468&lmt=1632241888&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=http%3A%2F%2Fxmr.jcink.net%2F&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&dt=1632241888829&bpp=12&bdt=412&idt=108&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&correlator=3293276100176&frm=20&pv=2&ga_vid=426379111.1632241889&ga_sid=1632241889&ga_hid=2016194257&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=666&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C31062878%2C31062525%2C44750894&oid=3&pvsid=3024470026709216&pem=936&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ojheiNdIzc&p=http%3A//xmr.jcink.net&dtd=132
Frame ID: 0853765824BBD950E029F4E610223EE5
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js
Frame ID: 1D8D8186093BA03297D89483D3C6C85E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C2243B4A706621D9502AE9580A350D65
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C82A013168B6393AD5C19DF86B5A3D6C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20190131/zrt_lookup.html
Frame ID: C58803B40BF321EDC90FDC4BF2C9D41F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&adk=1812271804&adf=3025194257&lmt=1632241890&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=7887076200&format=0x0&url=http%3A%2F%2Fxmr.jcink.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1632241890308&bpp=1&bdt=1891&idt=1&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46b9a40172036e4e-2264d81242c900c5%3AT%3D1632241888%3ART%3D1632241888%3AS%3DALNI_MbjAAz1XyEe92FLliEIQMjJH9EpYw&prev_fmts=468x60_as&nras=1&correlator=3293276100176&pv_ch=7887076200%2B&frm=20&pv=1&ga_vid=426379111.1632241889&ga_sid=1632241889&ga_hid=2016194257&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C31062878%2C31062525%2C44750894&oid=3&psts=AGkb-H9Nwje8vLxUJLKHKxB36cSPnk3KKN4PU7uNhEW3omZgB26IHis8r9DM1QlJ5KMvGw740UBKKBPtNTTN&pvsid=3024470026709216&pem=936&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=16
Frame ID: B983211302D27F71B716D28FB55E20DD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

X-Men: Revolution

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

79 %
HTTPS

52 %
IPv6

21
Domains

26
Subdomains

23
IPs

4
Countries

3415 kB
Transfer

4447 kB
Size

5
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://discord.gg/gdDXwXp
Title: Discord

Search URL Search Domain Scan URL

URL: http://cttw.jcink.net/index.php?showuser=9613
Title: caution

Search URL Search Domain Scan URL

URL: http://shine.jcink.net/index.php?showuser=744
Title: shine

Search URL Search Domain Scan URL

URL: http://evviecodes.tumblr.com/
Title: tumblr

Search URL Search Domain Scan URL

URL: https://www.invisionboard.com/
Title: Invision Power Board

Search URL Search Domain Scan URL

URL: http://jcink.com/
Title: Jcink.com

Search URL Search Domain Scan URL

URL: https://jcink.com/
Title: Forum Hosting

Search URL Search Domain Scan URL

URL: https://www.invisionpower.com/
Title: IPS, Inc.

Search URL Search Domain Scan URL

URL: http://rpgrating.com/

Search URL Search Domain Scan URL

URL: http://rpg-directory.com/

Search URL Search Domain Scan URL

URL: http://www.toprpsites.com/

Search URL Search Domain Scan URL

URL: http://www.top-site-list.com/roleplaying/vote/463474

Search URL Search Domain Scan URL

URL: http://sp-topsites.13days.net/

Search URL Search Domain Scan URL

URL: http://marveltopsites.gotop100.com/in.php?ref=118

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://use.fontawesome.com/cdec8b37ef.js HTTP 307
https://use.fontawesome.com/cdec8b37ef.js

Request Chain 10

http://cdn.discordapp.com/attachments/384151494309576704/385423453013934080/Cyclops.jpg HTTP 307
https://cdn.discordapp.com/attachments/384151494309576704/385423453013934080/Cyclops.jpg

Request Chain 11

http://i.imgur.com/GmAkE2C.jpg HTTP 301
https://i.imgur.com/GmAkE2C.jpg

Request Chain 12

http://i.imgur.com/kqPzWlb.jpg HTTP 301
https://i.imgur.com/kqPzWlb.jpg

Request Chain 13

http://i.imgur.com/DKHxtF9.jpg HTTP 301
https://i.imgur.com/DKHxtF9.jpg

Request Chain 14

http://i.imgur.com/XIuu0ch.jpg HTTP 301
https://i.imgur.com/XIuu0ch.jpg

Request Chain 15

http://i.imgur.com/IiLB6xT.jpg HTTP 301
https://i.imgur.com/IiLB6xT.jpg

Request Chain 16

http://i.imgur.com/TfFqMC6.jpg HTTP 301
https://i.imgur.com/TfFqMC6.jpg

Request Chain 21

http://www.toprpsites.com/images/extra/button2.gif HTTP 301
https://www.toprpsites.com/images/extra/button2.gif

Request Chain 22

http://www.toprpsites.com/button.php?u=Terrah87-223303&buttontype=text HTTP 301
https://www.toprpsites.com/button.php?u=Terrah87-223303&buttontype=text HTTP 302
https://www.toprpsites.com/images/clear.png

Request Chain 24

http://sp-topsites.13days.net/button.php?u=Terrah87 HTTP 302
https://simcast.com/?d=13days.net&s=bone&sw=9&tr=924136993&oip=2a01:4f8:212:78e:2a::1&eol&adult=true

Request Chain 33

http://discordapp.com/widget?id=310743453375922177&theme=dark HTTP 307
https://discordapp.com/widget?id=310743453375922177&theme=dark HTTP 301
https://discord.com/widget?id=310743453375922177&theme=dark

86 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
xmr.jcink.net/ 91 KB
20 KB 464ms
461ms Document
text/html 192.184.12.11
BLCC

General

Check archive.org

Show headers Download Go to

Full URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Server: 192.184.12.11 Los Angeles, United States, ASN32421 (BLCC, US),
Reverse DNS
Software: nginx /
Resource Hash: c050138caaa071b7ddb79cca5f84ea2ab3b37c4b1430fb58cd895e383ea356f5

Request headers

Host: xmr.jcink.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 21 Sep 2021 23:26:31 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 19785
Connection: keep-alive
Set-Cookie: session_id=ec07e612b662055c21eb41604e211a01; path=/; HttpOnly mobile_mode=-1; expires=Wed, 21-Sep-2022 16:31:28 GMT; path=/
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
files.jcink.net/html/ 93 KB
33 KB 238ms
210ms Script
text/javascript 74.102.155.91
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: http://files.jcink.net/html/jquery-1.7.2.min.js
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Server: 74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS: pool-74-102-155-91.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 08 Jul 2012 10:03:46 GMT
Server: Apache
ETag: "5c8637-17278-4c44e9cf4d3af"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2
Content-Length: 33622

GET
H/1.1 200
OK jquery.cookie-1.3.1.js Show response
files.jcink.net/html/ 2 KB
1 KB 234ms
206ms Script
text/javascript 74.102.155.91
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: http://files.jcink.net/html/jquery.cookie-1.3.1.js
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Server: 74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS: pool-74-102-155-91.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 9a825167169a7545dbdfae7041c5554bb9fc666c4bb5898f5ebe4c4cf13bfff9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Aug 2013 04:57:13 GMT
Server: Apache
ETag: "980411-902-4e4821f947500"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2
Content-Length: 1067

GET
H/1.1 200
OK catcollapse.js Show response
files.jcink.net/html/ 3 KB
1 KB 233ms
205ms Script
text/javascript 74.102.155.91
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: http://files.jcink.net/html/catcollapse.js
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Server: 74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS: pool-74-102-155-91.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 9e44a522f42ea65ada2082d3abd4a61ad7b78ca2f732e3e8c7d4cb39a90d6eac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Jun 2013 15:44:45 GMT
Server: Apache
ETag: "5c6a9c-a54-4de55f5e091dc"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2
Content-Length: 851

GET
H2

200

cdec8b37ef.js Show response
use.fontawesome.com/
Redirect Chain

http://use.fontawesome.com/cdec8b37ef.js
https://use.fontawesome.com/cdec8b37ef.js

9 KB
4 KB

320ms
270ms

Script
text/javascript

2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/cdec8b37ef.js
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eff4f7093561260ac2bdb582e067cb643559377e83865692ddbdf64366516eee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:28 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N6K8GDAKFFFS3PAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: hgRPnCrS/8ekboENhJcpOwMubqDsD1bHvk+NdioAdZnnoNYbUG1KPm9b4Pi2fBeBq9G7sjAAUVg=
last-modified: Thu, 01 Jul 2021 15:05:12 GMT
server: cloudflare
etag: W/"5f859b97a5772351b82b3abf315fdc22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJtcjEKQEdD%2B%2Bp7%2Bp8PdYZ8gfoPhABco1sYPybg1WOcR45H5paG3Y9%2BY5%2BqWwmXq%2Bk6sp9ADPOSaTPSDPQjBBB0J635sWsD%2Blm3C1fDwlOn3exj2KmLBefydRu4VetBEb2IDuLOfP%2F2i%2BiFwD8orFRHE"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 6924af1b0fa64e6d-FRA

Redirect headers

Location: https://use.fontawesome.com/cdec8b37ef.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK css
fonts.googleapis.com/ 1 KB
990 B 28ms
26ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Barlow+Condensed

Requested by

Host: xmr.jcink.net
URL: http://xmr.jcink.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d74942d383c5643d6730e73802d3e7708956d4cf397c9a741cbea58b8aee854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Sep 2021 16:31:28 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Tue, 21 Sep 2021 16:31:28 GMT

GET
H/1.1 200
OK atb_help.gif
files.jcink.net/style_images/1/ 587 B
854 B 444ms
115ms Image
image/gif 74.102.155.91
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jcink.net/style_images/1/atb_help.gif
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS: pool-74-102-155-91.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 973cdf4604622a582de5ec5fc459eb8fd459f4e956639014bd093fd252e088e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:29 GMT
Last-Modified: Fri, 21 Jul 2006 00:02:15 GMT
Server: Apache
ETag: "5cc494-24b-4190c35842fc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2
Content-Length: 587

GET
H/1.1 200
OK atb_search.gif
files.jcink.net/style_images/1/ 554 B
821 B 444ms
116ms Image
image/gif 74.102.155.91
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jcink.net/style_images/1/atb_search.gif
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS: pool-74-102-155-91.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 8bd47115b403213277667f22168fa894598202ae08b473f6ee2bcb3b8128a810

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:29 GMT
Last-Modified: Fri, 21 Jul 2006 00:02:16 GMT
Server: Apache
ETag: "5cc499-22a-4190c35937200"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2
Content-Length: 554

GET
H/1.1 200
OK atb_members.gif
files.jcink.net/style_images/1/ 641 B
908 B 445ms
116ms Image
image/gif 74.102.155.91
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jcink.net/style_images/1/atb_members.gif
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS: pool-74-102-155-91.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: caebd4676e90fb46d42cf3ee6af3d70df6c48f4b3d5838a82491ce2269fd3277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:29 GMT
Last-Modified: Fri, 21 Jul 2006 00:02:15 GMT
Server: Apache
ETag: "5cc497-281-4190c35842fc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2
Content-Length: 641

GET
H/1.1 200
OK atb_calendar.gif
files.jcink.net/style_images/1/ 616 B
883 B 445ms
113ms Image
image/gif 74.102.155.91
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jcink.net/style_images/1/atb_calendar.gif
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS: pool-74-102-155-91.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: d44c62654b3ede573d577c3718e1011bc54e0f8b5848aa9482eec5cbf19e1f9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:29 GMT
Last-Modified: Fri, 21 Jul 2006 00:02:15 GMT
Server: Apache
ETag: "5cc490-268-4190c35842fc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2
Content-Length: 616

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 109 KB
38 KB 57ms
34ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: xmr.jcink.net
URL: http://xmr.jcink.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea2a2f4bb821f08722a6ea90da15aae697298d428a31317b4d830e5d8aa784ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38610
x-xss-protection: 0
server: cafe
etag: 15245143059167447328
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 16:31:28 GMT

GET
H2

200

Cyclops.jpg
cdn.discordapp.com/attachments/384151494309576704/385423453013934080/
Redirect Chain

http://cdn.discordapp.com/attachments/384151494309576704/385423453013934080/Cyclops.jpg
https://cdn.discordapp.com/attachments/384151494309576704/385423453013934080/Cyclops.jpg

321 KB
322 KB

540ms
509ms

Image
image/jpeg

162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/384151494309576704/385423453013934080/Cyclops.jpg
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b70870fedb0e285eaf0c9d191e9568a5181bb3e319b7a74edf35acc562d762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=BtoyXg==, md5=gXFkpcnY28tzpouWO9WaGg==
date: Tue, 21 Sep 2021 16:31:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdvcJ87hwjq3BmtJqNkw8TIE6mG4DgvqQryDlGsiasro5H-MHuznGkLI0mpWqhF_W6BYt9LSnqfic1uRp7CYQho
x-goog-storage-class: NEARLINE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 329010
last-modified: Wed, 29 Nov 2017 13:35:12 GMT
server: cloudflare
cache-control: public, max-age=31536000
etag: "817164a5c9d8dbcb73a68b963bd59a1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReDkbAlZb0MVzkF1%2BP%2FzEN%2B5mVGkD1na2xsBvpkHnHjgmH1oOGv2Hw49BLjZWRufrWvk0TwsJSK0DAEZMV5L95jbNIvbFmFDCOOyMmbBO3HSyyVpPSluZGRDmRlUHL%2BZC4oBnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1511962512070275
content-type: image/jpeg
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length: 329010
accept-ranges: bytes
cf-ray: 6924af1d4f041f19-FRA
expires: Wed, 21 Sep 2022 16:31:29 GMT

Redirect headers

Location: https://cdn.discordapp.com/attachments/384151494309576704/385423453013934080/Cyclops.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

GmAkE2C.jpg
i.imgur.com/
Redirect Chain

http://i.imgur.com/GmAkE2C.jpg
https://i.imgur.com/GmAkE2C.jpg

17 KB
18 KB

115ms
98ms

Image
image/jpeg

151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/GmAkE2C.jpg

Requested by

Host: xmr.jcink.net
URL: http://xmr.jcink.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ce5a51135b4e58a2d2069d7a3a6dafa2499b8b9cf4b97b009bdc4152298d11e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:28 GMT
x-content-type-options: nosniff
age: 615174
x-cache: HIT, MISS
content-length: 17795
x-served-by: cache-bwi5177-BWI, cache-hhn4081-HHN
last-modified: Mon, 04 Mar 2019 04:10:18 GMT
server: cat factory 1.0
x-timer: S1632241889.843026,VS0,VE91
etag: "7da027b948f8001f96a10dd6b291a1a8"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

Redirect headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Server: cat factory 1.0
X-Timer: S1632241889.817959,VS0,VE0
X-Served-By: cache-hhn4054-HHN
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Location: https://i.imgur.com/GmAkE2C.jpg
X-Cache: HIT
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H2

200

kqPzWlb.jpg
i.imgur.com/
Redirect Chain

http://i.imgur.com/kqPzWlb.jpg
https://i.imgur.com/kqPzWlb.jpg

40 KB
40 KB

118ms
101ms

Image
image/jpeg

151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/kqPzWlb.jpg

Requested by

Host: xmr.jcink.net
URL: http://xmr.jcink.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

7ce348fe526c025fec7bfee9f02deac6f436322c0956a8a49194bca009357bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:28 GMT
x-content-type-options: nosniff
age: 295865
x-cache: HIT, MISS
content-length: 40459
x-served-by: cache-bwi5133-BWI, cache-hhn4081-HHN
last-modified: Mon, 04 Mar 2019 03:54:58 GMT
server: cat factory 1.0
x-timer: S1632241889.843021,VS0,VE94
etag: "609849c9b3002b301f64574db6f507c3"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

Redirect headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Server: cat factory 1.0
X-Timer: S1632241889.817662,VS0,VE0
X-Served-By: cache-hhn4070-HHN
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Location: https://i.imgur.com/kqPzWlb.jpg
X-Cache: HIT
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H2

200

DKHxtF9.jpg
i.imgur.com/
Redirect Chain

http://i.imgur.com/DKHxtF9.jpg
https://i.imgur.com/DKHxtF9.jpg

84 KB
84 KB

101ms
100ms

Image
image/jpeg

151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/DKHxtF9.jpg

Requested by

Host: xmr.jcink.net
URL: http://xmr.jcink.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

bd7d21fafb271a7fa4dc59a2ac703241d431ae9c42edb3ec9bfaed512834eb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:28 GMT
x-content-type-options: nosniff
age: 267124
x-cache: HIT, MISS
content-length: 85513
x-served-by: cache-bwi5155-BWI, cache-hhn4081-HHN
last-modified: Fri, 02 Feb 2018 06:54:15 GMT
server: cat factory 1.0
x-timer: S1632241889.847016,VS0,VE90
etag: "0b6c22f6eaa05b0148f67dda636d16bd"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

Redirect headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Server: cat factory 1.0
X-Timer: S1632241889.832977,VS0,VE0
X-Served-By: cache-hhn4065-HHN
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Location: https://i.imgur.com/DKHxtF9.jpg
X-Cache: HIT
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H2

200

XIuu0ch.jpg
i.imgur.com/
Redirect Chain

http://i.imgur.com/XIuu0ch.jpg
https://i.imgur.com/XIuu0ch.jpg

19 KB
19 KB

105ms
105ms

Image
image/jpeg

151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/XIuu0ch.jpg

Requested by

Host: xmr.jcink.net
URL: http://xmr.jcink.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a1b8e167d30a7ae174fd8790b799de5b5bdba4c112160de0d5de9eae9e880602

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:28 GMT
x-content-type-options: nosniff
age: 267122
x-cache: HIT, MISS
content-length: 19089
x-served-by: cache-bwi5138-BWI, cache-hhn4081-HHN
last-modified: Mon, 16 Dec 2019 23:18:58 GMT
server: cat factory 1.0
x-timer: S1632241889.883692,VS0,VE93
etag: "546466f43c668f17465bb7b24288916c"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

Redirect headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Server: cat factory 1.0
X-Timer: S1632241889.873012,VS0,VE0
X-Served-By: cache-hhn4036-HHN
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Location: https://i.imgur.com/XIuu0ch.jpg
X-Cache: HIT
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H2

200

IiLB6xT.jpg
i.imgur.com/
Redirect Chain

http://i.imgur.com/IiLB6xT.jpg
https://i.imgur.com/IiLB6xT.jpg

24 KB
24 KB

109ms
108ms

Image
image/jpeg

151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/IiLB6xT.jpg

Requested by

Host: xmr.jcink.net
URL: http://xmr.jcink.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d2c8f9bb3b71af0d08591581716f22808115b28939c048cac92d94d281fff974

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:28 GMT
x-content-type-options: nosniff
age: 1029449
x-cache: HIT, MISS
content-length: 24138
x-served-by: cache-bwi5152-BWI, cache-hhn4081-HHN
last-modified: Mon, 04 Mar 2019 04:14:26 GMT
server: cat factory 1.0
x-timer: S1632241889.883659,VS0,VE93
etag: "2800dfbaaa5e992f7e293464229e9f3b"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

Redirect headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Server: cat factory 1.0
X-Timer: S1632241889.872752,VS0,VE0
X-Served-By: cache-hhn4057-HHN
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Location: https://i.imgur.com/IiLB6xT.jpg
X-Cache: HIT
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H2

200

TfFqMC6.jpg
i.imgur.com/
Redirect Chain

http://i.imgur.com/TfFqMC6.jpg
https://i.imgur.com/TfFqMC6.jpg

55 KB
55 KB

100ms
100ms

Image
image/jpeg

151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/TfFqMC6.jpg

Requested by

Host: xmr.jcink.net
URL: http://xmr.jcink.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

fe19f0279e1d22a291471ca4cf8a83734493a8539374d2738c4ce14ef68ea708

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:28 GMT
x-content-type-options: nosniff
age: 267122
x-cache: HIT, MISS
content-length: 55920
x-served-by: cache-bwi5174-BWI, cache-hhn4081-HHN
last-modified: Thu, 16 May 2019 16:18:33 GMT
server: cat factory 1.0
x-timer: S1632241889.883638,VS0,VE92
etag: "dd4b17fb8195092d57efc39fff85090d"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

Redirect headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Server: cat factory 1.0
X-Timer: S1632241889.872888,VS0,VE0
X-Served-By: cache-hhn4078-HHN
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Location: https://i.imgur.com/TfFqMC6.jpg
X-Cache: HIT
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK common.c.js Show response
files.jcink.net/html/quickedit/ 674 B
722 B 106ms
105ms Script
text/javascript 74.102.155.91
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: http://files.jcink.net/html/quickedit/common.c.js
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Server: 74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS: pool-74-102-155-91.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 3e47eeccc0aa3d6b0d8274aae508b534aace531184501a499d530914ac34a058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Mar 2017 00:14:34 GMT
Server: Apache
ETag: "5c5520-2a2-54a695ceb8562"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2
Content-Length: 402

GET
H/1.1 200
OK qe.js Show response
files.jcink.net/html/quickedit/ 10 KB
3 KB 104ms
102ms Script
text/javascript 74.102.155.91
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: http://files.jcink.net/html/quickedit/qe.js
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Server: 74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS: pool-74-102-155-91.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: f4bee3671d0bda04559edf15971211246757d21f0f3f976d958ebb91627f5cb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Jun 2021 18:10:48 GMT
Server: Apache
ETag: "5e5c99-268f-5c5af2cfe13f5"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2
Content-Length: 3166

GET
H/1.1 200
OK 322.png
rpgrating.com/ratings/ 3 KB
3 KB 199ms
55ms Image
image/png 185.119.173.128
UKWEB-EQX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rpgrating.com/ratings/322.png
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Server: 185.119.173.128 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE),
Reverse DNS
Software: Apache /
Resource Hash: 71b2ed3e847ddb610560ad735151314326367653e096bf23c90e524ec4d64a96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:29 GMT
X-Cache-Lookup: MISS from lin-10-170-0-106.gridhost.co.uk:3128
Last-Modified: Wed, 20 Dec 2017 14:23:25 GMT
Server: Apache
ETag: "34525d98-bc0-560c65393a95f"
X-Cache: MISS from lin-10-170-0-106.gridhost.co.uk
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3008

GET rpgdbutton1.png
static18.icyboards.net/rpgdirectory/images/ 0
0

GET
H2

200

button2.gif
www.toprpsites.com/images/extra/
Redirect Chain

http://www.toprpsites.com/images/extra/button2.gif
https://www.toprpsites.com/images/extra/button2.gif

192 KB
193 KB

41ms
16ms

Image
image/gif

2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.toprpsites.com/images/extra/button2.gif

Requested by

Host: xmr.jcink.net
URL: http://xmr.jcink.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b6c4b59d03c428d8c3b5d7b65caa87e207cf7b6712806fca986230fe174c62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 714676
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 196887
x-xss-protection: 1; mode=block
content-transport-security: max-age=1000
pragma: public
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 May 2021 01:16:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnZiLAYtuc11n4iuKIS8IyEEuaDaa6SGkiIYI8Dy4d4M9BdrXXWJPIl8x3EEetiIImshvBQHdSH%2BSrbxK7tgCoy42FXB8x2lXiF7ptFdke8sfRLHFZsHW2v0uDzWdX49%2B5xlXPj%2B0LloIhpwBxGXA1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6924af1dfea16945-FRA
expires: Fri, 12 Nov 2021 10:00:12 GMT

Redirect headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXIrEDHQeVfOXWliY%2BYc%2FB5bTood35rbEysMmD%2BPqq9dVoDAiAJe61LHsjpeakdgYZLQH9EAH3ps1GOoa%2BOqvIiXwi0pLCch1CNZh07nDobap42bpDdDHhUujJNADg56MdHIgeCxW%2FSRBXzw5LHp2G4%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.toprpsites.com/images/extra/button2.gif
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6924af1dac874e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Expires: Tue, 21 Sep 2021 17:31:28 GMT

GET
H2

200

clear.png
www.toprpsites.com/images/
Redirect Chain

http://www.toprpsites.com/button.php?u=Terrah87-223303&buttontype=text
https://www.toprpsites.com/button.php?u=Terrah87-223303&buttontype=text
https://www.toprpsites.com/images/clear.png

3 KB
3 KB

318ms
17ms

Image
image/png

2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.toprpsites.com/images/clear.png

Requested by

Host: xmr.jcink.net
URL: http://xmr.jcink.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fe68d46ebe475ae311d080bdd17e29596eaae63215d8b1da1d92e6ea4ea7a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1604540
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2792
x-xss-protection: 1; mode=block
content-transport-security: max-age=1000
pragma: public
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 May 2021 01:16:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1Am7Bm7OAiLGnmIIkScTQwqFI4chHip9T8wsNexRpiIJYvNmmAOgL646FkN3K03qTMd6Fp4Ob%2FwC9GnrvA%2BYtj179yvp%2BAfLSXA7NTs5H9Mol5%2FuExe2yEsn9O05Hx4%2FYBDUlWXwKL7Tf5JKMWJ%2Bgk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6924af234c226945-FRA
expires: Tue, 02 Nov 2021 02:49:09 GMT

Redirect headers

date: Tue, 21 Sep 2021 16:31:29 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6924af1dfea46945-FRA
x-nginx-cache-status: BYPASS
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GCZhfAq%2FrMsymOLZz598szHfrRET4loFtxaIS1j0YNqWs2sWNadphF3YfxfYsSCVC4mghTmeWpHeghmybkoFTV5%2FqLrAbHEqGwI%2F%2F8jyrG5Qh83L3qkJCUxD88wRF6YfaExSB2fsjshoqwRDqtLq%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.toprpsites.com/images/clear.png
content-transport-security: max-age=1000

GET
H/1.1 200
OK 4019-51f26eee6055e.gif
www.top-site-list.com/user-images/list-vote-images/ 15 KB
15 KB 191ms
34ms Image
image/gif 188.166.139.86
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.top-site-list.com/user-images/list-vote-images/4019-51f26eee6055e.gif
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Server: 188.166.139.86 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 3042e552b4fd506b9db35b76f811b05825634bc061150b7f4eb6791431693c45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-_uri: /user-images/list-vote-images/4019-51f26eee6055e.gif
Date: Tue, 21 Sep 2021 16:31:29 GMT
Last-Modified: Sun, 25 Oct 2015 18:36:53 GMT
Server: nginx/1.14.2
ETag: "562d2145-3ab5"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15029

GET
H/1.1

200
OK

/
simcast.com/
Redirect Chain

http://sp-topsites.13days.net/button.php?u=Terrah87
https://simcast.com/?d=13days.net&s=bone&sw=9&tr=924136993&oip=2a01:4f8:212:78e:2a::1&eol&adult=true

0
0

771ms
469ms

Image
text/html

45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simcast.com/?d=13days.net&s=bone&sw=9&tr=924136993&oip=2a01:4f8:212:78e:2a::1&eol&adult=true
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Date: Tue, 21 Sep 2021 16:31:29 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
X-Powered-By: PHP/5.5.38
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://simcast.com/?d=13days.net&s=bone&sw=9&tr=924136993&oip=2a01:4f8:212:78e:2a::1&eol&adult=true
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK 12673.jpg
marveltopsites.gotop100.com/lists/marveltopsites/custombanners/ 20 KB
20 KB 536ms
240ms Image
image/jpeg 148.72.158.137
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://marveltopsites.gotop100.com/lists/marveltopsites/custombanners/12673.jpg

Requested by

Host: xmr.jcink.net
URL: http://xmr.jcink.net/

Protocol

HTTP/1.1

Server

148.72.158.137 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

condor3827.startdedicated.com

Software

nginx /

Resource Hash

8dcf2ba2c1cbdeba3ef8844bd7d4159972e6b55d584462f73a3f35af766101d0

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:32:16 GMT
Last-Modified: Fri, 17 Nov 2017 02:39:33 GMT
Server: nginx
ETag: "5a0e4be5-4f55"
X-Frame-Options: DENY
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20309

GET
H/1.1 200
OK o8nnjq.jpg
cdnw.nickpic.host/ 638 KB
639 KB 223ms
183ms Image
image/jpeg 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdnw.nickpic.host/o8nnjq.jpg
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-722.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: adb709fc54f3e4b067b26fb24162ae458a0c934a88b77019593e383a68a054e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:29 GMT
CDN-EdgeStorageId: 565
CDN-CachedAt: 2021-09-21 18:31:29
CDN-PullZone: 406765
Connection: keep-alive
Content-Length: 653784
Link: <https://fluffy.nickpic.host/o8nnjq.jpg>; rel="canonical"
Last-Modified: Fri, 19 Jul 2019 18:35:48 GMT
Server: BunnyCDN-DE1-722
CDN-RequestPullCode: 200
Content-Type: image/jpeg
CDN-Cache: MISS
CDN-Uid: c1e8982b-365d-4dbc-95c8-259bb9956b9b
Cache-Control: public, max-age=31919000
CDN-RequestId: 1083d37eac0030d7e826c424d2032405
Accept-Ranges: bytes
CDN-RequestCountryCode: DE
CDN-Status: 200
CDN-RequestPullSuccess: True

GET
H/1.1 200
OK kenyan_coffee_rg.ttf
files.jcink.net/uploads/evvietesting/Fonts/ 80 KB
80 KB 217ms
216ms Font
application/octet-stream 74.102.155.91
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: http://files.jcink.net/uploads/evvietesting/Fonts/kenyan_coffee_rg.ttf
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Server: 74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS: pool-74-102-155-91.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 19eefcb5c6765bdb27bd7021712bab93ec50b82763cda8085139da5b60389220

Request headers

Referer: http://xmr.jcink.net/
Origin: http://xmr.jcink.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Last-Modified: Tue, 28 Nov 2017 14:22:09 GMT
Server: Apache
ETag: "1501445-140b4-55f0bbe85c24e"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2
Content-Length: 82100

GET
H2 200 cdec8b37ef.css
use.fontawesome.com/ 1 KB
791 B 270ms
270ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/cdec8b37ef.css
Requested by: Host: use.fontawesome.com
URL: http://use.fontawesome.com/cdec8b37ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64f9ab9e7ac0d57171c8976ac5245eb56ac3e432ed83368f03b08099944a1d9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N6KC4Z8JBFH317DK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: vIuuR6IJbudbTpqqyfjqp1IPqFEKn58mZL6STi4cWeymUwGw4KIyUfLIQ5xEjbGiBdhoeklVk2A=
last-modified: Thu, 01 Jul 2021 15:05:12 GMT
server: cloudflare
etag: W/"a88022ea9e717f8166043b82c7c92267"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYeqrh5ahygwYyAMHZibYwSs7H0Je1z%2B%2FwNCLlS%2FIJ7Ej41H9ev%2FKNG8YhGozDNDQPoNSNHjG7ULkaeEO1ZlZ%2BujBS53g%2BmoIRunyA6%2FNfVBaew395WCWyJL85ksOMRSwmCLQuv41YMWhWrEUDBBwrzZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 6924af1d0b8f4e6d-FRA

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/ 253 KB
94 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=xmr.jcink.net&bust=31062878

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d21c8bd2e8b2f5a56b540807fec034374ae70b88dc022ee1e6db57431e3899c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95714
x-xss-protection: 0
server: cafe
etag: 3232603846146272685
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 16:31:28 GMT

GET
H/1.1 200
OK oHn5J1.jpg
cdnw.nickpic.host/ 1 MB
1 MB 197ms
193ms Image
image/jpeg 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdnw.nickpic.host/oHn5J1.jpg
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-722.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: f362b8ba7a1698d2278de5a919fd2cc922510091d75ed82bb6bbac7699229972

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:29 GMT
CDN-EdgeStorageId: 632
CDN-CachedAt: 2021-09-21 18:31:29
CDN-PullZone: 406765
Connection: keep-alive
Content-Length: 1082425
Link: <https://fluffy.nickpic.host/oHn5J1.jpg>; rel="canonical"
Last-Modified: Fri, 19 Jul 2019 18:36:07 GMT
Server: BunnyCDN-DE1-722
CDN-RequestPullCode: 200
Content-Type: image/jpeg
CDN-Cache: MISS
CDN-Uid: c1e8982b-365d-4dbc-95c8-259bb9956b9b
Cache-Control: public, max-age=31919000
CDN-RequestId: dcfe1d5662d0792294cc081da08de010
Accept-Ranges: bytes
CDN-RequestCountryCode: DE
CDN-Status: 200
CDN-RequestPullSuccess: True

GET
H/1.1 200
OK lemonmilk_webfont.ttf
files.jcink.net/uploads/evvietesting/Fonts/ 55 KB
55 KB 207ms
207ms Font
application/octet-stream 74.102.155.91
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: http://files.jcink.net/uploads/evvietesting/Fonts/lemonmilk_webfont.ttf
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: HTTP/1.1
Server: 74.102.155.91 Bergenfield, United States, ASN701 (UUNET, US),
Reverse DNS: pool-74-102-155-91.nwrknj.fios.verizon.net
Software: Apache /
Resource Hash: 085ec20c1fdafb37366fecc2cab2f8c77062c1139a83a30c575950aaf699d37b

Request headers

Referer: http://xmr.jcink.net/
Origin: http://xmr.jcink.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 16:31:28 GMT
Last-Modified: Tue, 28 Nov 2017 14:16:28 GMT
Server: Apache
ETag: "1501444-db74-55f0baa3b797a"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2
Content-Length: 56180

GET
H/1.1 200
OK HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ 19 KB
20 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/barlowcondensed/v5/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Barlow+Condensed

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32387836fb24cb0196a59da5f3fc92cff01d4a88f35aecd7f4d49785179aff88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://xmr.jcink.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 06:10:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Sep 2020 17:04:59 GMT
Server: sffe
Age: 382835
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 19492
X-XSS-Protection: 0
Expires: Sat, 17 Sep 2022 06:10:53 GMT

GET
H2

200

widget Show response
discord.com/ Frame 7135
Redirect Chain

http://discordapp.com/widget?id=310743453375922177&theme=dark
https://discordapp.com/widget?id=310743453375922177&theme=dark
https://discord.com/widget?id=310743453375922177&theme=dark

530 B
1 KB

77ms
31ms

Document
text/html

162.159.136.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/widget?id=310743453375922177&theme=dark

Requested by

Host: xmr.jcink.net
URL: http://xmr.jcink.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8221b08f546870e4a202b29c008f73d7602a47166c53c81fe6fcf6ddc24b1e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: discord.com
:scheme: https
:path: /widget?id=310743453375922177&theme=dark
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://xmr.jcink.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
content-type: text/html
cf-ray: 6924af1e4cd797d2-FRA
cache-control: public, max-age=14400
etag: W/"d8953876016c454833620df170fa0f3c"
last-modified: Sat, 28 Dec 2019 00:42:28 GMT
set-cookie: __dcfduid=5f54e1e01af911eca2e53dc56b0b9f61; Expires=Sun, 20 Sep 2026 16:31:29 GMT; Max-Age=157680000; Path=/; Secure; HttpOnly; SameSite=Lax __sdcfduid=5f54e1e11af911eca2e53dc56b0b9f61eefab1d522e5e2b4fff42db6c77dd1d25bdee6c58e70c2cd8ed848e845814564; Expires=Sun, 20 Sep 2026 16:31:29 GMT; Max-Age=157680000; Path=/; Secure; HttpOnly; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
permissions-policy: interest-cohort=()
x-build-id: 7076453
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcA%2FERcExcQqjSpN%2FkyXHYKbBjWskiiF%2BJeWsPk%2BpSngtUbj933OHYjZwvYgYlqy1NKCOJZJz6yiQ9pY1naMpMNlHfKwoZ%2FsPzfq8O1AXzWk5ivYiBzbJ%2BhRNHk5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Tue, 21 Sep 2021 16:31:28 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
location: https://discord.com/widget?id=310743453375922177&theme=dark
strict-transport-security: max-age=31536000; includeSubDomains; preload
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
x-frame-options: DENY
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-xss-protection: 1; mode=block
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDPtZYgvUFQ2fXxcmrhR6xHkPZa90%2FetIRsmgWrytoE%2FvUwYDWm4wJ2Wfeh00eBkV9ic3p3ng7796XcHpDOpa7wgUHbbhy8PyuZm1iHhf%2BOIOeiVDb087nEmIX2S7bJq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6924af1ddfe11f19-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
656 B 56ms
23ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xmr.jcink.net&callback=_gfp_s_&client=ca-pub-6157690437594429

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=pub-6157690437594429&plah=xmr.jcink.net&bust=31062878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

afdd4a1a384ed74474d5cc3004b3e48f489c2ddb6274553d031c14bbf1df0eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 55ms
23ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xmr.jcink.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 16:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 53ms
25ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xmr.jcink.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 16:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0853 106 KB
28 KB 436ms
402ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=473210030&adf=3485687219&w=468&lmt=1632241888&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=http%3A%2F%2Fxmr.jcink.net%2F&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&dt=1632241888829&bpp=12&bdt=412&idt=108&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&correlator=3293276100176&frm=20&pv=2&ga_vid=426379111.1632241889&ga_sid=1632241889&ga_hid=2016194257&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=666&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C31062878%2C31062525%2C44750894&oid=3&pvsid=3024470026709216&pem=936&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ojheiNdIzc&p=http%3A//xmr.jcink.net&dtd=132

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbad3691fbb493312d7b364241cd39faa3526471d5dda9a0de8b10d92abc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=473210030&adf=3485687219&w=468&lmt=1632241888&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=http%3A%2F%2Fxmr.jcink.net%2F&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&dt=1632241888829&bpp=12&bdt=412&idt=108&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&correlator=3293276100176&frm=20&pv=2&ga_vid=426379111.1632241889&ga_sid=1632241889&ga_hid=2016194257&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=666&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C31062878%2C31062525%2C44750894&oid=3&pvsid=3024470026709216&pem=936&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ojheiNdIzc&p=http%3A//xmr.jcink.net&dtd=132
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://xmr.jcink.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 21 Sep 2021 16:31:29 GMT
server: cafe
content-length: 28410
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Sep-2021 16:46:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 21 Sep 2021 16:31:29 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 266ms
233ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1632137829538267"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 21 Sep 2021 16:31:29 GMT

GET
H2 200 index.f7afda7848e99e6cf0ab.css
discord.com/assets/ Frame 7135 12 KB
3 KB 31ms
30ms Stylesheet
text/css 162.159.136.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/index.f7afda7848e99e6cf0ab.css

Requested by

Host: discord.com
URL: https://discord.com/widget?id=310743453375922177&theme=dark

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a862babcfacd7c1aa46359537469d49cf3fa2543f9c3578b7239fc7a71850a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discord.com/widget?id=310743453375922177&theme=dark
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Dec 2019 02:15:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"2b3104655edccd1fdd748710ee26d533"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgpxRmy3WbB5YdVITiklByvPxhznJqiRqSN8qJcPcmWPuecnY6ZSuj4DP4CA9LhlVaiLFqIUIlW1PBpZVSC5IGhJ8Lc0E%2FOY%2B0ILoCe7D2Dr7vdZx%2BG9BtrbFjCR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: https://discord.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 6924af1e9ce797d2-FRA

GET
H2 200 5a61f8e3e63b7e93777f.js Show response
discord.com/assets/ Frame 7135 162 KB
52 KB 31ms
31ms Script
application/javascript 162.159.136.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/5a61f8e3e63b7e93777f.js

Requested by

Host: discord.com
URL: https://discord.com/widget?id=310743453375922177&theme=dark

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d089876e0f3ae1219da42bc710342b66ff8b39b78cbad063104a8824a643489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discord.com/widget?id=310743453375922177&theme=dark
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 28 Dec 2019 00:42:28 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"71a087aa53d61c4dfe1050a2ef58dce1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESZlMgcqJy3E4pJx1Jpz5nKrbfOor3fpSdqPuosBUYnsLX7DvwR1PAYdY0en02aFMVd2Ci41KuJoZ5ntN7mcLA%2BNiyz%2BNjYq7ye7RcvWnBqbb5CMAk%2BnCNANdVao"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: https://discord.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 6924af1e9ce897d2-FRA

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 22ms
21ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/cdec8b37ef.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/cdec8b37ef.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6639846
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BVYNR017DZMX3ZD5
x-amz-id-2: QGjj4hxJUhuaeVUZXRjN85iZvcJa67QWP4rmwsnDS8rLQDMUxrDVFqF/Bir2ZYZv+FIyO3nBxiU=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdQNwBk25eT9MlJDkiVY9XWnF8wO%2FK8ZcAeQai2PSvylBl%2Fsa6JBWUHB86z8qqTRlYmWMmKzdcB3MKSPxkxI2eGz6PpPhLnwkSUbm6I7WcJeA%2FLpWiZxmcFxS9u5cmf8PkIJxxXTYW92wlOjK61GLZfE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6924af1ecf1b4e6d-FRA

GET
H3 200 widget.json Show response
discord.com/api/guilds/310743453375922177/ Frame 7135 3 KB
2 KB 164ms
163ms XHR
application/json 162.159.136.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/api/guilds/310743453375922177/widget.json

Requested by

Host: discord.com
URL: https://discord.com/assets/5a61f8e3e63b7e93777f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62fad7472c1602c52d26ed11423408d59f0dd479992c109e415327aaee6991c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discord.com/widget?id=310743453375922177&theme=dark
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 36
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U78HHQy7Nmn12cmnB9%2FRKqssB6OREFdL0qabKVGc4EK8AhVGxqzH0t9lsubgZcuFIh4I%2B5vbh4rPgSmFUfS3q31cNmd8jhr7EnguiqAxlwpTyclkeDCL2YC82gn6"}],"group":"cf-nel","max_age":604800}
content-type: application/json
vary: Accept-Encoding
cache-control: public, max-age=300
cf-ray: 6924af1f1f7f97c6-FRA
expires: Tue, 21 Sep 2021 16:36:29 GMT

GET
H3 200 35d75407bd75d70e84e945c9f879bab8.svg
discord.com/assets/ Frame 7135 2 KB
2 KB 26ms
26ms Image
image/svg+xml 162.159.136.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com/assets/35d75407bd75d70e84e945c9f879bab8.svg

Requested by

Host: discord.com
URL: https://discord.com/assets/index.f7afda7848e99e6cf0ab.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c200d765749f4f2d390975e2d4d9b74d01756df1be84625ffaad8f98e0d9be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discord.com/assets/index.f7afda7848e99e6cf0ab.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Jul 2018 01:03:19 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"35d75407bd75d70e84e945c9f879bab8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLZXWMi0fGb5THp44AM7zqTiYh5lu8mBEliizvbd%2FK12LnAY812NfdFTUpxpKKnrZ3fgpIaN%2BxhBPb51mEoKlGxpx83O0SakGDTr4P%2BnWxNuBKAAITdcpAlW%2Fyru"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: https://discord.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 6924af1f1f8097c6-FRA

GET
H3 200 db9fd9dac08621e31b06609781c8851c.png
discord.com/assets/ Frame 7135 9 KB
9 KB 53ms
53ms Image
image/png 162.159.136.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com/assets/db9fd9dac08621e31b06609781c8851c.png

Requested by

Host: discord.com
URL: https://discord.com/assets/index.f7afda7848e99e6cf0ab.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a43e60b6e04d1f136f7c0d529705a4fdd0ccd46c78cdba37a68626182860604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discord.com/assets/index.f7afda7848e99e6cf0ab.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8889
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Jul 2018 01:03:18 GMT
server: cloudflare
x-frame-options: DENY
etag: "db9fd9dac08621e31b06609781c8851c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUu3NGB6STO1g61afgT0%2BvQ09d1og%2Bk2y5husVYzTExZlnHU4IBdq2T4VoazU7DdeTyHjG0BWbbx6D1NVfcLaxgF5JfhkiKr5v7fhUZz%2FA0CJiqyMqGCYw8SNkNP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: https://discord.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 6924af1f1f8197c6-FRA

GET
H3 200 1c7d080332a1c9778182bc19c2f407bc.png
discord.com/assets/ Frame 7135 5 KB
6 KB 61ms
61ms Image
image/png 162.159.136.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com/assets/1c7d080332a1c9778182bc19c2f407bc.png

Requested by

Host: discord.com
URL: https://discord.com/assets/index.f7afda7848e99e6cf0ab.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cabb90c13161a85c44776473fcc004c6f8c37f5fa6e93b8efbd175d4289b024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discord.com/assets/index.f7afda7848e99e6cf0ab.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5438
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Jun 2018 17:54:23 GMT
server: cloudflare
x-frame-options: DENY
etag: "1c7d080332a1c9778182bc19c2f407bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHc2xHG%2BnpMRWlu5d4Ba1rAbLvROmqYO%2F0b%2FBYLyB%2FTRsUvCEz6gPHAbtIkjm8%2BKR7cCZVZXObH7ysIzTfaw2nswLhheYZaKMYdY%2ByiFHJ2p6oy27HYI8n9Be6GO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: https://discord.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 6924af1f1f8297c6-FRA

GET
H3 200 8e12fb4f14d9c4592eb8ec9f22337b04.woff
discord.com/assets/ Frame 7135 78 KB
35 KB 29ms
28ms Font
application/font-woff 162.159.136.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/8e12fb4f14d9c4592eb8ec9f22337b04.woff

Requested by

Host: discord.com
URL: https://discord.com/assets/index.f7afda7848e99e6cf0ab.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5913345a9723fb09f8c8c478446348175a4f00c0e4db0db9e275444604650cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discord.com/assets/index.f7afda7848e99e6cf0ab.css
Origin: https://discord.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Aug 2019 23:01:22 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"8e12fb4f14d9c4592eb8ec9f22337b04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85d6rw2OgIoLE1xNE1M4ReaTqApvwd0gX2jgliP7geFWcOFIatWyHFiHD4Tu2WENjk3j0%2F43514an9zHUBh%2B%2FZacFVyMDjBzmw6mJiUnYqvzStlPXYlfC49XuTfF"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: https://discord.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 6924af1f1f8397c6-FRA

GET
H3 200 e8acd7d9bf6207f99350ca9f9e23b168.woff
discord.com/assets/ Frame 7135 76 KB
34 KB 45ms
45ms Font
application/font-woff 162.159.136.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff

Requested by

Host: discord.com
URL: https://discord.com/assets/index.f7afda7848e99e6cf0ab.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f823bc4b56f481fbceab4158d855e5d11628198a9e404b827b755fe45d4d1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discord.com/assets/index.f7afda7848e99e6cf0ab.css
Origin: https://discord.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Sep 2019 18:44:29 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"e8acd7d9bf6207f99350ca9f9e23b168"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjyFYpUt8W0OWv77Tm8umffw1I4KX7X3i0kvzxWPAuvEa8XdbwqU9VRYN8daW1au02dmd8R%2F8gGTKI0yVU9ZTUp%2BO0OOBNKPtjMANSSNK2N4XaGDKo5ZuiPfFe4g"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: https://discord.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 6924af1f1f8597c6-FRA

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 148ms
120ms Font
application/font-woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/cdec8b37ef.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/cdec8b37ef.css
Origin: http://xmr.jcink.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 23SY88G70R2NA7V0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
x-amz-id-2: o6p1BiGp4/9GGZsGpFQH8mNbWzr6NkNWhuL/zRFoBSs+hImIeSrmtYPwdJEroN+kvDjbl9hnFBk=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSeOAcx5E2%2B8mAHlSYuBDomeDD3yE6H8wSpweWu5ym7MwD7DJKEQIvqwIbpakLhkaDCY8eb5L7TbQLHvvcoNcM6BJWsDRtFKh1OgnrMcXUb4m97FeiHg%2BwzBqG%2BksmmfXB1D9wy%2FAOp9otb6Ix4NcHSE"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6924af1f6ce805f1-FRA

GET
H2 200 ZvDFIvMjcwy8PGrv9n31xPBt_m-iFqMf15v55oQabJZ1cYOBEwPO35xB5he5P-q3lSF3lUAlboxY4Z04PUZ7dZSjN8sov8lMsTDKpBUZyIGtiONdzwCVF502TLnhZNDy-HGT5UPOx1PKsg
cdn.discordapp.com/widget-avatars/RN8NtV-hBmZ6VMgjh6tmkWzodxvTujEXESvaz2o2Ra8/ Frame 7135 4 KB
5 KB 174ms
173ms Image
image/jpeg 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/RN8NtV-hBmZ6VMgjh6tmkWzodxvTujEXESvaz2o2Ra8/ZvDFIvMjcwy8PGrv9n31xPBt_m-iFqMf15v55oQabJZ1cYOBEwPO35xB5he5P-q3lSF3lUAlboxY4Z04PUZ7dZSjN8sov8lMsTDKpBUZyIGtiONdzwCVF502TLnhZNDy-HGT5UPOx1PKsg
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b3ad08b4734c9f3b287b27685e1c68b446a69709e18a3b6e697f6e654bdd9b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6924af203b441f19-FRA
x-envoy-upstream-service-time: 50
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4598
last-modified: Sun, 29 Aug 2021 17:07:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1q7W6Bu3lRi%2F7g2UWQaXK2cJnmYuLecHTlC1bF%2BsLZM7wjjaM5oPqPdF4PnxRTv4udcvIErP7XnNThI%2FhbvhdUiciZU4obN7ZeHe%2BU2KtH0oL%2FshG8CLtIZY%2BZznPSYjPxBkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Wed, 21 Sep 2022 16:31:29 GMT

GET
H2 200 pGF_wdWlbZ1M6VYe_g-7gYujMA9ufOnJ8VZKnA9uTl6yIptTdz_l0kx7xrBewIh3oHheZad3A8F_9ldRoAaZ7XFnP1KvWSCxXPXydDxeA5Ca5RwsxRpgT8HXQ59DRLf7HmBeWr52nv9TOQ
cdn.discordapp.com/widget-avatars/9O35dzQZZXnX_SW57bwBtiWE22Arx2J4Td4_IcJ28OQ/ Frame 7135 3 KB
3 KB 169ms
168ms Image
image/jpeg 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/9O35dzQZZXnX_SW57bwBtiWE22Arx2J4Td4_IcJ28OQ/pGF_wdWlbZ1M6VYe_g-7gYujMA9ufOnJ8VZKnA9uTl6yIptTdz_l0kx7xrBewIh3oHheZad3A8F_9ldRoAaZ7XFnP1KvWSCxXPXydDxeA5Ca5RwsxRpgT8HXQ59DRLf7HmBeWr52nv9TOQ
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b5a41dce275f116369ed208c1c968363a84184937d7708fbe085aeca83a2d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6924af203b461f19-FRA
x-envoy-upstream-service-time: 43
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3004
last-modified: Tue, 26 Feb 2019 05:26:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkIlO1d2X0MYoJpjkYz4HI%2FTSNRo4c2MrPil8et1tsF6i3wlYAIoUTjan%2FY6h7K0IAJKjXl7hlrthzTjJOUrcxoSyX66%2Bf8HLaCpczdmwCeHuwOf9lKBA%2BTBQ1SVNDHJQOMkuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Wed, 21 Sep 2022 16:31:29 GMT

GET
H2 200 IbQBflGx5o_ggp8rZFJ7DeVEOjkPMkH8MVB2WD0dDMmpMWAVRjeVcATwIMpSDuu_imTy3I0B8jfwPEKRr37gemuvf9K7fWOOI1GZxrd1C8T444gZNwG9_7wKtqCkNvCHfTRB5lDAgDoD2g
cdn.discordapp.com/widget-avatars/zXxVgKI_YXWLRUIx3ZhEBb50Gd31ttiNnRPjcJepduE/ Frame 7135 6 KB
6 KB 53ms
52ms Image
image/jpeg 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/zXxVgKI_YXWLRUIx3ZhEBb50Gd31ttiNnRPjcJepduE/IbQBflGx5o_ggp8rZFJ7DeVEOjkPMkH8MVB2WD0dDMmpMWAVRjeVcATwIMpSDuu_imTy3I0B8jfwPEKRr37gemuvf9K7fWOOI1GZxrd1C8T444gZNwG9_7wKtqCkNvCHfTRB5lDAgDoD2g
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c80c0949202c48962f5a38a358368bf68917e15354879ed16173b4df0b074e73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93235
cf-ray: 6924af203b491f19-FRA
x-envoy-upstream-service-time: 49
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6083
last-modified: Mon, 28 Jun 2021 16:07:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsXBlOQOeHDmaFEDB75whu96tDIUzI7O0cvrkOs2j2ByBFIwJzslWB5COKWV3fdJDfq8FsoasIEaHNzv9%2B1%2BMLHPfpICvI2fZtQIayox4FUdP75IBf9L1eNzvGo3y9kIStb0SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Wed, 21 Sep 2022 16:31:29 GMT

GET
H2 200 1XpXoue-A_fm828bxalLO_VcZT4R1hy6DdPTN6BjA45MeHFjYMVQsINOt7Ztp82OPwh9pTU5itl4jsLzVdM1hBzE0E4d85dU-GvAkoL6W0-bcHcZoOMJ9KOftT5nscxDkojVoKkNWKU55g
cdn.discordapp.com/widget-avatars/EBdz8IBeKlVbLV9WPv7zJNtFBw0LRKqZEUxrye2koi0/ Frame 7135 3 KB
3 KB 154ms
153ms Image
image/jpeg 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/EBdz8IBeKlVbLV9WPv7zJNtFBw0LRKqZEUxrye2koi0/1XpXoue-A_fm828bxalLO_VcZT4R1hy6DdPTN6BjA45MeHFjYMVQsINOt7Ztp82OPwh9pTU5itl4jsLzVdM1hBzE0E4d85dU-GvAkoL6W0-bcHcZoOMJ9KOftT5nscxDkojVoKkNWKU55g
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7461819e9a55bce735b88d64529c59ef79cdc98d567ec61aed65848a46c33a8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6924af203b4b1f19-FRA
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3209
last-modified: Sun, 31 Jan 2021 17:47:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxLpb4DKXr%2F2j9cgW1ZdK87GO69WJU9dkZxOPGjNSfnGhPieiytBQOJEAPkJPrLUDuZ7213ZVMo4O5UHF%2FoDKMMY%2F2pjiMkZa%2B%2F%2BhRZRE8nX5qA%2BYtT7mAUBwrBOYNL6QBqugw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Wed, 21 Sep 2022 16:31:29 GMT

GET
H2 200 QK3T8j_4OtQfJPyxNxRpqHRKLupkAXTvEn7pFMWnj7ALkqq_Cy-Zz6X9O600vFOmV7TKc-IVFpZH23HqFAwd38fbdT37hobna4Q2WGjD4b-tV5D5b1HFG1Z3edvnELkBzcnr7KNSpV_OKQ
cdn.discordapp.com/widget-avatars/r2Q0yZqHbAdn3Qljt91kPvPfc8vsw4sBqSa5sZgl0AM/ Frame 7135 3 KB
3 KB 380ms
379ms Image
image/jpeg 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/r2Q0yZqHbAdn3Qljt91kPvPfc8vsw4sBqSa5sZgl0AM/QK3T8j_4OtQfJPyxNxRpqHRKLupkAXTvEn7pFMWnj7ALkqq_Cy-Zz6X9O600vFOmV7TKc-IVFpZH23HqFAwd38fbdT37hobna4Q2WGjD4b-tV5D5b1HFG1Z3edvnELkBzcnr7KNSpV_OKQ
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b85c1ee244b84fac019801ef46a0b8a8d87fec29d5696ff4a009c3c8500ee0da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6924af203b4f1f19-FRA
x-envoy-upstream-service-time: 56
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3243
last-modified: Mon, 18 Dec 2017 19:45:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FRRYGgEYGIMz2VlIPVKdAnalduFbMdwkmYqGPnJmdi12ZivMbAg5NeIpfYtWt3Su2K0UvMyBEE%2BdQ4yJlzhmd%2Fk6wuOZZND0yYrnT0vYtF%2Fb9SSgGtw%2B%2Fmz4%2FIY7Hbf%2BeAnwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Wed, 21 Sep 2022 16:31:29 GMT

GET
H2 200 KqaG_GCGVyOjD61LZznDbJRGlOTw9C52Vp1uWmjupRHt052zvn0tC5wftdNCoFlHApjMjC6RH8PaIKuhYuhMl9qwC052LHPAV9EfL-vZDd6LAmFqGE7fNBjEGFWX4grFLgyu03vmFerNNw
cdn.discordapp.com/widget-avatars/gx2tczxHl4Ijuxf4vlwoKYYbLH3ePnMfIVosElrVB44/ Frame 7135 5 KB
5 KB 269ms
268ms Image
image/jpeg 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/gx2tczxHl4Ijuxf4vlwoKYYbLH3ePnMfIVosElrVB44/KqaG_GCGVyOjD61LZznDbJRGlOTw9C52Vp1uWmjupRHt052zvn0tC5wftdNCoFlHApjMjC6RH8PaIKuhYuhMl9qwC052LHPAV9EfL-vZDd6LAmFqGE7fNBjEGFWX4grFLgyu03vmFerNNw
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98b0d373a559abe2f19533f62f3848987cdf8ede2e7c8990fbbbeb7b4c05275d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6924af203b501f19-FRA
x-envoy-upstream-service-time: 139
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4823
last-modified: Fri, 20 Nov 2020 23:23:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIf%2BtDJcS8ku%2BYr7t0hbgPdiJ6S6Z8ilk4ccVdj9%2FwGbbuFSR7KGr1GuF7vZPvo4p1z2EcCf%2BKiw82WT1bYkfCyxH9aeYfZVb52YcKQabNk30JxgqMHSojlnbVwhePbGPaIZMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Wed, 21 Sep 2022 16:31:29 GMT

GET
H2 200 4Y7i-bpLjanB6s9MGKMZkl41X6dhgm4agBLAsz2I2s-xqq97j4hRT7e8iNcgigbJLqod2N4EDVgeQJzafTzaVadYDQssdj30OM5ka7J8c7514G5d8lyEC4Et1NnjIRP6TVfGmplLx9w7CQ
cdn.discordapp.com/widget-avatars/8yAODrGTJNq34XdZIJq1uNHXPQkxwxaezvb3lZ_tjGc/ Frame 7135 3 KB
4 KB 226ms
225ms Image
image/jpeg 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/8yAODrGTJNq34XdZIJq1uNHXPQkxwxaezvb3lZ_tjGc/4Y7i-bpLjanB6s9MGKMZkl41X6dhgm4agBLAsz2I2s-xqq97j4hRT7e8iNcgigbJLqod2N4EDVgeQJzafTzaVadYDQssdj30OM5ka7J8c7514G5d8lyEC4Et1NnjIRP6TVfGmplLx9w7CQ
Requested by: Host: xmr.jcink.net
URL: http://xmr.jcink.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02513fc7fa56f5d0170cb7c0c6157426ca7bb7e6e095b9548eeb80cfe1dded95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6924af203b511f19-FRA
x-envoy-upstream-service-time: 87
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3548
last-modified: Sun, 06 Sep 2020 22:45:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HfPN8D7qLvNH5UM0kh8pf8Zu3po%2FXl2f%2FGQzYtFVQkQ9nBUiTrM22kcWd9s%2BThQTL%2FV7G%2BXzVs7Uluc8EK3tkCg18h7IcS8GVRJeewHsHtlPTJ4LBgBEAv4csFOFQetNkkVRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Wed, 21 Sep 2022 16:31:29 GMT

GET
H3 200 3bdef1251a424500c1b3a78dea9b7e57.woff
discord.com/assets/ Frame 7135 75 KB
34 KB 49ms
48ms Font
application/font-woff 162.159.136.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/3bdef1251a424500c1b3a78dea9b7e57.woff

Requested by

Host: discord.com
URL: https://discord.com/assets/index.f7afda7848e99e6cf0ab.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba33ed18fe9c110039549c2b17fee622de2b27d90cfd4a375bd0184174705fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discord.com/assets/index.f7afda7848e99e6cf0ab.css
Origin: https://discord.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Jun 2019 04:16:17 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"3bdef1251a424500c1b3a78dea9b7e57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wS328JmSMK6Qeh6uBKrJKGJlCo%2FuBpzcnoJuzo87CJXz5nvqZqFX2QqWFtTh5gc%2FWrSmONGjJQTo7sAEZi5NJZxCoG0CDpQ%2F8AQoTXaixz37sHIPSDGG%2BQfR9Cdx"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: https://discord.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 6924af205ff597c6-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame 0853 3 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=473210030&adf=3485687219&w=468&lmt=1632241888&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=http%3A%2F%2Fxmr.jcink.net%2F&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&dt=1632241888829&bpp=12&bdt=412&idt=108&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&correlator=3293276100176&frm=20&pv=2&ga_vid=426379111.1632241889&ga_sid=1632241889&ga_hid=2016194257&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=666&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C31062878%2C31062525%2C44750894&oid=3&pvsid=3024470026709216&pem=936&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ojheiNdIzc&p=http%3A//xmr.jcink.net&dtd=132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 15:41:57 GMT
server: ESF
date: Tue, 21 Sep 2021 16:31:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 16:31:29 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 0853 1 KB
959 B 38ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 16:23:31 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/ Frame 0853 18 KB
8 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 16:14:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 0853 3 KB
1 KB 38ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 16:20:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0853 128 KB
39 KB 322ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1632137836110461"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 21 Sep 2021 16:31:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 0853 14 KB
6 KB 35ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 900
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 16:16:29 GMT

GET
H2 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 0853 26 KB
11 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 09:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 04:03:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 18 Dec 2021 09:35:53 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0853 0
0 21ms
20ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2swq4QhKYctolYqAB_ePnKgCm46GlGXS1eH41w5kEAEgm8inAmCVmvuBlAegAbCnr7sByAEJqQJ-B_jCaLOzPqgDAcgDywSqBLUBT9Bq1Esid6rzp8X1xlmQnURspdijEkKBYg4Siyi3kOfmdt8OuhEMFf_mV8aAO4MhvMsvprFMqAua1kzDbdpxHafSKP1TYMa_AHyd0ZKQ3DYLwzvOqztl9ucQg1-CStBJyORqLBELusAz7yYWq6EBZ6w-JGXeSa0pttmzLuAFmEln39VKHOruHVCTeSFICzApaeYBU5qGBm5o62sp-ZPxWnTE87bN9_ROgcua8SV3assmrvmmHMAE5rqOzMoDkgUECAQYAZIFBAgFGASgBi6AB7jY0MQCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBCU_xDSCAkIgOGAcBABGB-ACgHICwGYDIqc2L7CA7gTgwTYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItNjE1NzY5MDQzNzU5NDQyORgA&sigh=odzH_PjZi_o&template_id=515

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=473210030&adf=3485687219&w=468&lmt=1632241888&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=http%3A%2F%2Fxmr.jcink.net%2F&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&dt=1632241888829&bpp=12&bdt=412&idt=108&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&correlator=3293276100176&frm=20&pv=2&ga_vid=426379111.1632241889&ga_sid=1632241889&ga_hid=2016194257&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=666&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C31062878%2C31062525%2C44750894&oid=3&pvsid=3024470026709216&pem=936&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ojheiNdIzc&p=http%3A//xmr.jcink.net&dtd=132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 21 Sep 2021 16:31:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 21 Sep 2021 16:31:29 GMT

GET
H2 200 3836428205810490512
tpc.googlesyndication.com/simgad/ Frame 0853 3 KB
4 KB 23ms
13ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3836428205810490512?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27c71a9e2cb0bb6595a57b297c1c94503b0fa7dac371945e68af53741592cc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 03:52:18 GMT
x-content-type-options: nosniff
age: 131951
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3447
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 09:30:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 03:52:18 GMT

GET
DATA 200
OK truncated
/ Frame 0853 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 559d0ce85535fa19e2758c3e8b8a2bd972b7c61480217d1239ab1a76e74df5c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0853 21 KB
22 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 08:44:05 GMT
x-content-type-options: nosniff
age: 28044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 08:44:05 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0853 21 KB
21 KB 34ms
12ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 04:08:17 GMT
x-content-type-options: nosniff
age: 44592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 04:08:17 GMT

GET
H2 200 ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D8D 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba4ab7dafc79fcc731528ad0d3b8a97f791ef3744720807b1e7edcb6e5a64a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 22:09:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13277
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 20 Sep 2022 22:09:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

822e17250f1d49f17d3b1c595cbf9d5405902f7b3e9b663f30b6d36c3527864c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49120
x-xss-protection: 0
server: cafe
etag: 5545025796411511653
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 16:31:30 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 44ms
22ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210916&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a14e10d68e61fc6511bc12f65ce4dabb5b06f4826efdb6b5be17b54ebb8b0f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 16:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8542
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 16:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 21 Sep 2021 16:31:30 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C224 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://xmr.jcink.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 21 Sep 2021 15:38:57 GMT
expires: Wed, 21 Sep 2022 15:38:57 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C82A 783 B
1 KB 51ms
25ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

043d1ccb579e14f2b47822907eaf2770d281ea376295a806d744b14dc24a6304

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e7ZlhPH5BwOmHbv4Z9iVfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://xmr.jcink.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 21 Sep 2021 16:31:30 GMT
date: Tue, 21 Sep 2021 16:31:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-e7ZlhPH5BwOmHbv4Z9iVfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210916/r20190131/ Frame C588 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210916/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210916/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://xmr.jcink.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm_wA5YDu13WRHaypuEsqc_aQ-YE0AbTpQNIxbZQYdxnMvKGRUnlDVsF58Xhug
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 20 Sep 2021 23:43:39 GMT
expires: Mon, 04 Oct 2021 23:43:39 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 60471
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 22ms
20ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fxmr.jcink.net%2F&tn=DIV&id=push-menu&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 16:31:30 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 25ms
23ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fxmr.jcink.net%2F&tn=DIV&id=top&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 16:31:30 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 318ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xmr.jcink.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 16:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xmr.jcink.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 16:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B983 0
53 B 17ms
16ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&adk=1812271804&adf=3025194257&lmt=1632241890&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=7887076200&format=0x0&url=http%3A%2F%2Fxmr.jcink.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1632241890308&bpp=1&bdt=1891&idt=1&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46b9a40172036e4e-2264d81242c900c5%3AT%3D1632241888%3ART%3D1632241888%3AS%3DALNI_MbjAAz1XyEe92FLliEIQMjJH9EpYw&prev_fmts=468x60_as&nras=1&correlator=3293276100176&pv_ch=7887076200%2B&frm=20&pv=1&ga_vid=426379111.1632241889&ga_sid=1632241889&ga_hid=2016194257&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C31062878%2C31062525%2C44750894&oid=3&psts=AGkb-H9Nwje8vLxUJLKHKxB36cSPnk3KKN4PU7uNhEW3omZgB26IHis8r9DM1QlJ5KMvGw740UBKKBPtNTTN&pvsid=3024470026709216&pem=936&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6157690437594429&output=html&adk=1812271804&adf=3025194257&lmt=1632241890&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=7887076200&format=0x0&url=http%3A%2F%2Fxmr.jcink.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1632241890308&bpp=1&bdt=1891&idt=1&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46b9a40172036e4e-2264d81242c900c5%3AT%3D1632241888%3ART%3D1632241888%3AS%3DALNI_MbjAAz1XyEe92FLliEIQMjJH9EpYw&prev_fmts=468x60_as&nras=1&correlator=3293276100176&pv_ch=7887076200%2B&frm=20&pv=1&ga_vid=426379111.1632241889&ga_sid=1632241889&ga_hid=2016194257&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C31062878%2C31062525%2C44750894&oid=3&psts=AGkb-H9Nwje8vLxUJLKHKxB36cSPnk3KKN4PU7uNhEW3omZgB26IHis8r9DM1QlJ5KMvGw740UBKKBPtNTTN&pvsid=3024470026709216&pem=936&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://xmr.jcink.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm_wA5YDu13WRHaypuEsqc_aQ-YE0AbTpQNIxbZQYdxnMvKGRUnlDVsF58Xhug
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 21 Sep 2021 16:31:30 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js Show response
pagead2.googlesyndication.com/bg/ Frame C224 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba4ab7dafc79fcc731528ad0d3b8a97f791ef3744720807b1e7edcb6e5a64a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 22:09:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13277
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 20 Sep 2022 22:09:47 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C82A 0
0 23ms
23ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210916&jk=3024470026709216&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 34ms
34ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210916&jk=3024470026709216&bg=!VValVhLNAAZWaDWkVmg7ACkAdvg8WryGhlKt6p2E9OND_DL6JBDV4Smsdr3bdvTudIFREL_ZD1gxzQIAAAB9UgAAAAtoAQeZArUj-2_2kbD9Uj20YZbEWy52ZntguW7kXkUpxJjZa_1yXB9X7fTLh74rE9PIRY29v0l1vdjiHHmMjLsGzGE_91Mbsf204uSYcz_rwLw4prThm-O-qJ9Rhwa5xAiCgXfIRWUl0tHY5Tk7aS9TnI30WdUoMymKwqEDb78KFE3ywzzr9D5CmY-5oLbb2pkckd7-F7GJmXhKdkN-xRc8Cn_GCi6fdyPdBDvxfwQ1BHFE9HZIMe73o4kBIQt4TfjekGBWqmcS7OWoO_AGROQvywSF053QQisb7aNMjz2g8sJ0B3V05J2uUnHiqBmW5AxiXXAJeRgZGzGKvG99lH6q69wpLBcJQUN0DpuYOJgveQM2R5X4T3Zx7QOeHpBhckRRoIMuYj_SMBptdhM24ykpjUKvblZsEMaevTgwO4NvU8rvZayjNbU4PQ7ftwX-tEw6xJs4CAEyJAUlI3azxPfczE-m-_oi4Jhj5aE00JWirm_tA7peoKfhWtdboiiDEconPmvhhcGIsJzkGS1qaJSM5FNjE_wXS5JHs2rv_ZGzGXNJOYlifdmfa6sy8uJkXv2EWtpGyckDztZEP3J-QmSyqLDrMtAnE6lqXDS5bAjEpYO2pbMQYEa6PVAtgbT-dNuvGIcmseQzvMpQ6tcKgtrEC6tPxzy4RU-LgokZPnzNZRDU47lkRzj9_qzOgXFmR0-Ug_gwLrF4GwBQfN6WNvLuEP1XCWnY_6ncalrk-pNP95YG1B_CbTE33mPyXsICkRCVshcHfH_YmFqfmJvXpq92JvGMGS3BGqtONl4rSgh_47k7PiGsEwzKfy19DVzkxVXby-Ezw8kgSVXFaJUV7W95qxfi7kQAoYKDXaeuNze-eN18KVUbfceEDauOTw7zNzXkiwKrlkzwPej7SOAqXD7vsN02QnSzwrBtRRI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://xmr.jcink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0853 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDhxW4QhKYctolYqAB_ePnKgCm46GlGXS1eH41w5kEAEgm8inAmCVmvuBlAegAbCnr7sByAEJqQJ-B_jCaLOzPqgDAaoEtQFP0GrUSyJ3qvOnxfXGWZCdRGyl2KMSQoFiDhKLKLeQ5-Z23w66EQwV_-ZXxoA7gyG8yy-msUyoC5rWTMNt2nEdp9Io_VNgxr8AfJ3RkpDcNgvDO86rO2X25xCDX4JK0EnI5GosEQu6wDPvJharoQFnrD4kZd5JrSm22bMu4AWYSWff1Uoc6u4dUJN5IUgLMClp5gFTmoYGbmjrayn5k_FadMTzts339E6By5rxJXdqyyau-aYcwATmuo7MygOSBQQIBBgBkgUECAUYBKAGLoAHuNjQxAKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEJT_ENIICQiA4YBwEAEYH4AKAcgLAZgMipzYvsIDuBODBNgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi02MTU3NjkwNDM3NTk0NDI5GAA&sigh=Hhk7L1ClTVk&vt=1&template_id=515

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6157690437594429&output=html&h=60&adk=473210030&adf=3485687219&w=468&lmt=1632241888&channel=7887076200&ad_type=text%2Fimage&format=468x60_as&url=http%3A%2F%2Fxmr.jcink.net%2F&flash=0&alternate_ad_url=https%3A%2F%2Ffiles.jcink.net%2Falternate_ad.php&wgl=1&dt=1632241888829&bpp=12&bdt=412&idt=108&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&correlator=3293276100176&frm=20&pv=2&ga_vid=426379111.1632241889&ga_sid=1632241889&ga_hid=2016194257&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=666&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C31062878%2C31062525%2C44750894&oid=3&pvsid=3024470026709216&pem=936&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ojheiNdIzc&p=http%3A//xmr.jcink.net&dtd=132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 21 Sep 2021 16:31:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0853 42 B
174 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPpvgcfhJI1iZcgmNWJ_2vMD7uyKJZWtYG0pkRCnjVm4gTC_D4GZu3qAPmZnLwNmSEAQmRnv-PMR8Z75-zzUB4lVfFdShgoABrHef-EzLXZ9WTwbZ2Zx9df3ACZy_hebCl-TTwIpLv2YwAJ8UO03IvNAx5ecUxLA&sai=AMfl-YQ-wIETGHdzcsQRmw7jol-bpZm0HSKJ3ehKqXkyAZHTgg7mmPVxyerDuKwvixO67JK7AK4_Q0w5vrvt&sig=Cg0ArKJSzN98XRn8f8pKEAE&id=lidar2&mcvt=1001&p=29,666,89,1134&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210920&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=473210030&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1632241888963&rpt=857&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 16:31:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static18.icyboards.net
URL: http://static18.icyboards.net/rpgdirectory/images/rpgdbutton1.png

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xmr.jcink.net/	1969-12-31 23:59:59	Name: session_id Value: ec07e612b662055c21eb41604e211a01
xmr.jcink.net/	1970-01-20 06:09:12	Name: mobile_mode Value: -1
.jcink.net/	1970-01-20 06:45:37	Name: __gads Value: ID=46b9a40172036e4e-2264d81242c900c5:T=1632241888:RT=1632241888:S=ALNI_MbjAAz1XyEe92FLliEIQMjJH9EpYw
.discord.com/	1969-12-31 23:59:59	Name: __cfruid Value: f8d0a94c0f71d7a4503bd0dcbedf135e34798a5b-1632241889
.doubleclick.net/	1970-01-20 06:45:37	Name: IDE Value: AHWqTUm_wA5YDu13WRHaypuEsqc_aQ-YE0AbTpQNIxbZQYdxnMvKGRUnlDVsF58Xhug

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://static18.icyboards.net/rpgdirectory/images/rpgdbutton1.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.discordapp.com
cdnw.nickpic.host
discord.com
discordapp.com
files.jcink.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
marveltopsites.gotop100.com
pagead2.googlesyndication.com
partner.googleadservices.com
rpgrating.com
simcast.com
sp-topsites.13days.net
static18.icyboards.net
tpc.googlesyndication.com
use.fontawesome.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.top-site-list.com
www.toprpsites.com
xmr.jcink.net
static18.icyboards.net
142.250.185.226
148.72.158.137
151.101.112.193
162.159.135.233
162.159.136.232
185.119.173.128
185.59.220.199
188.166.139.86
192.184.12.11
2600:3c02::f03c:91ff:fee2:5b0f
2606:4700:3030::6815:3c95
2606:4700:3037::6815:4e07
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:831::200a
45.79.244.12
74.102.155.91
02513fc7fa56f5d0170cb7c0c6157426ca7bb7e6e095b9548eeb80cfe1dded95
043d1ccb579e14f2b47822907eaf2770d281ea376295a806d744b14dc24a6304
085ec20c1fdafb37366fecc2cab2f8c77062c1139a83a30c575950aaf699d37b
0a862babcfacd7c1aa46359537469d49cf3fa2543f9c3578b7239fc7a71850a7
0f823bc4b56f481fbceab4158d855e5d11628198a9e404b827b755fe45d4d1c4
19eefcb5c6765bdb27bd7021712bab93ec50b82763cda8085139da5b60389220
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
27c71a9e2cb0bb6595a57b297c1c94503b0fa7dac371945e68af53741592cc55
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c200d765749f4f2d390975e2d4d9b74d01756df1be84625ffaad8f98e0d9be7
2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c
3042e552b4fd506b9db35b76f811b05825634bc061150b7f4eb6791431693c45
32387836fb24cb0196a59da5f3fc92cff01d4a88f35aecd7f4d49785179aff88
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
38b5a41dce275f116369ed208c1c968363a84184937d7708fbe085aeca83a2d4
3e47eeccc0aa3d6b0d8274aae508b534aace531184501a499d530914ac34a058
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
559d0ce85535fa19e2758c3e8b8a2bd972b7c61480217d1239ab1a76e74df5c2
5913345a9723fb09f8c8c478446348175a4f00c0e4db0db9e275444604650cd2
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5d74942d383c5643d6730e73802d3e7708956d4cf397c9a741cbea58b8aee854
5fe68d46ebe475ae311d080bdd17e29596eaae63215d8b1da1d92e6ea4ea7a1d
62fad7472c1602c52d26ed11423408d59f0dd479992c109e415327aaee6991c4
64f9ab9e7ac0d57171c8976ac5245eb56ac3e432ed83368f03b08099944a1d9f
6cabb90c13161a85c44776473fcc004c6f8c37f5fa6e93b8efbd175d4289b024
71b2ed3e847ddb610560ad735151314326367653e096bf23c90e524ec4d64a96
7461819e9a55bce735b88d64529c59ef79cdc98d567ec61aed65848a46c33a8d
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
7b6c4b59d03c428d8c3b5d7b65caa87e207cf7b6712806fca986230fe174c62c
7ce348fe526c025fec7bfee9f02deac6f436322c0956a8a49194bca009357bba
7d089876e0f3ae1219da42bc710342b66ff8b39b78cbad063104a8824a643489
8221b08f546870e4a202b29c008f73d7602a47166c53c81fe6fcf6ddc24b1e97
822e17250f1d49f17d3b1c595cbf9d5405902f7b3e9b663f30b6d36c3527864c
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
8b3ad08b4734c9f3b287b27685e1c68b446a69709e18a3b6e697f6e654bdd9b7
8bbad3691fbb493312d7b364241cd39faa3526471d5dda9a0de8b10d92abc971
8bd47115b403213277667f22168fa894598202ae08b473f6ee2bcb3b8128a810
8dcf2ba2c1cbdeba3ef8844bd7d4159972e6b55d584462f73a3f35af766101d0
973cdf4604622a582de5ec5fc459eb8fd459f4e956639014bd093fd252e088e5
98b0d373a559abe2f19533f62f3848987cdf8ede2e7c8990fbbbeb7b4c05275d
9a43e60b6e04d1f136f7c0d529705a4fdd0ccd46c78cdba37a68626182860604
9a825167169a7545dbdfae7041c5554bb9fc666c4bb5898f5ebe4c4cf13bfff9
9e44a522f42ea65ada2082d3abd4a61ad7b78ca2f732e3e8c7d4cb39a90d6eac
a14e10d68e61fc6511bc12f65ce4dabb5b06f4826efdb6b5be17b54ebb8b0f6c
a1b8e167d30a7ae174fd8790b799de5b5bdba4c112160de0d5de9eae9e880602
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
adb709fc54f3e4b067b26fb24162ae458a0c934a88b77019593e383a68a054e1
afdd4a1a384ed74474d5cc3004b3e48f489c2ddb6274553d031c14bbf1df0eaa
b3b70870fedb0e285eaf0c9d191e9568a5181bb3e319b7a74edf35acc562d762
b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f
b85c1ee244b84fac019801ef46a0b8a8d87fec29d5696ff4a009c3c8500ee0da
ba33ed18fe9c110039549c2b17fee622de2b27d90cfd4a375bd0184174705fae
ba4ab7dafc79fcc731528ad0d3b8a97f791ef3744720807b1e7edcb6e5a64a93
bd7d21fafb271a7fa4dc59a2ac703241d431ae9c42edb3ec9bfaed512834eb2f
c050138caaa071b7ddb79cca5f84ea2ab3b37c4b1430fb58cd895e383ea356f5
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c80c0949202c48962f5a38a358368bf68917e15354879ed16173b4df0b074e73
caebd4676e90fb46d42cf3ee6af3d70df6c48f4b3d5838a82491ce2269fd3277
ce5a51135b4e58a2d2069d7a3a6dafa2499b8b9cf4b97b009bdc4152298d11e5
d21c8bd2e8b2f5a56b540807fec034374ae70b88dc022ee1e6db57431e3899c9
d2c8f9bb3b71af0d08591581716f22808115b28939c048cac92d94d281fff974
d44c62654b3ede573d577c3718e1011bc54e0f8b5848aa9482eec5cbf19e1f9d
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea2a2f4bb821f08722a6ea90da15aae697298d428a31317b4d830e5d8aa784ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff4f7093561260ac2bdb582e067cb643559377e83865692ddbdf64366516eee
f362b8ba7a1698d2278de5a919fd2cc922510091d75ed82bb6bbac7699229972
f4bee3671d0bda04559edf15971211246757d21f0f3f976d958ebb91627f5cb6
fe19f0279e1d22a291471ca4cf8a83734493a8539374d2738c4ce14ef68ea708

xmr.jcink.net Open in urlscan Pro 192.184.12.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

79 %HTTPS

52 %IPv6

21 Domains

26 Subdomains

23 IPs

4 Countries

3415 kBTransfer

4447 kBSize

5 Cookies

14 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

xmr.jcink.net Open in urlscan Pro
192.184.12.11 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

79 %
HTTPS

52 %
IPv6

21
Domains

26
Subdomains

23
IPs

4
Countries

3415 kB
Transfer

4447 kB
Size

5
Cookies

86 HTTP transactions
1 data transactions