xpcplay.click Open in urlscan Pro
2606:4700:3037::6815:18ab  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response xpcplay.click/	726 KB 331 KB	498ms 384ms	Document text/html	2606:4700:3037::6815:18ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xpcplay.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:18ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 777ce2b921ea82943feccd590dfa74c5183189dd76225e8b339f361e2fd7c35e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-origin * access-control-expose-headers Authorization alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f41016efbe0383b-FRA content-encoding zstd content-language de-DE content-type text/html; charset=utf-8 date Wed, 18 Dec 2024 17:52:15 GMT expect-ct max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FebZLZcx%2BTeWDmmGgDm5TjL%2FWF7r2Wcx7nWU8PEHv%2FyFG1nG0PWunpRF0peamDUhsFGWk5rkS%2BUchOTCjBtSa1gZ%2FwEPVJsdou4AsvT4mXiyIVKkMkx%2BZjNk3K9k0PE3G70FvBwjDurfyIj"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=9078&min_rtt=7237&rtt_var=3274&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3972&recv_bytes=2282&delivery_rate=529820&cwnd=248&unsent_bytes=0&cid=b61766ba16f6be52&ts=389&x=0" strict-transport-security max-age=15552000; includeSubDomains vary accept-encoding x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-permitted-cross-domain-policies none x-xss-protection 0
GET H2	200	css fonts.googleapis.com/	43 KB 2 KB	57ms 23ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900,900italic|Roboto+Condensed:300italic,400italic,700italic,400,300,700|Oxygen:400,300,700 Requested by Host: xpcplay.click URL: https://xpcplay.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c8c4f5377af6c32eedd7b88f6137f0196f362bf3a86ec3983ecdc1b515558364 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 18 Dec 2024 17:52:15 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 18 Dec 2024 17:52:15 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 18 Dec 2024 17:52:15 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H3	200	Realistic_casino_fountain_show_ar_32_00047_00.png imagesmyclo.com/images/gambling/	2 MB 2 MB	54ms 23ms	Image image/png	172.67.179.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagesmyclo.com/images/gambling/Realistic_casino_fountain_show_ar_32_00047_00.png?=w50-h50-p Requested by Host: xpcplay.click URL: https://xpcplay.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.179.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b7cc93a29de0a3c61d151bb9322a3d6452633c2d055ffb7fd6bc4bf98ffe5d5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "66a23b7a-210bb5" age 345698 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yh6GnpBuLW0R73r0keoOdNTZc2dUjXaTnOgbtennbn1xgQFPKq2bjiaZj9sdTIkFhCV72iCSpa2bSkML6CCZcnnUZTL52MyIo4wX59Fya4F%2FL6JLcMQALIym8U8WKpf5XXk%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 13 Jan 2025 17:50:37 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=12654&min_rtt=12564&rtt_var=4776&sent=11&recv=12&lost=0&retrans=0&sent_bytes=4131&recv_bytes=6069&delivery_rate=216339&cwnd=12000&unsent_bytes=0&cid=0aa5326e8ccfa6d2&ts=27&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 18 Dec 2024 17:52:15 GMT content-type image/png last-modified Thu, 25 Jul 2024 11:48:10 GMT vary Accept-Encoding priority u=2,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f410173ce4fdbdb-FRA accept-ranges bytes content-length 2165685 server cloudflare
GET DATA	200 OK	truncated /	8 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8ef6937b4ca76a32f0b8a07d4c80f4451a64e6eeeba5514a0f7e0a729106ed3a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	8 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cb325e8d8cd3ad12e6455e9d2c08df3d2d13ac6ff063a1122973483e9cea9e96 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/jpeg
GET H3	200	Realistic_casino_fountain_show_ar_32_00047_01.png imagesmyclo.com/images/gambling/	2 MB 2 MB	61ms 31ms	Image image/png	172.67.179.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagesmyclo.com/images/gambling/Realistic_casino_fountain_show_ar_32_00047_01.png? Requested by Host: xpcplay.click URL: https://xpcplay.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.179.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d00618a6103c4b2de24a276c722ebe35206595467001c4ddc27fc50948efc939 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "66a23b98-208086" age 1701647 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a7KHBcE0GOJ39MUqG%2BVZo9F2HoDKpwNKBmXoMBLo0lfVeiSn5zJIBN7XNn3Zr1XnB1aHSpEVwA3NLYTEmeRHR4sKVqlgtszQ7SbKmQPPDtJhZueRTxC%2BZ0Z0U8cgbxcmGSE%3D"}],"group":"cf-nel","max_age":604800} expires Sun, 29 Dec 2024 01:11:28 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=12654&min_rtt=12564&rtt_var=4776&sent=21&recv=12&lost=0&retrans=0&sent_bytes=15549&recv_bytes=6069&delivery_rate=216339&cwnd=12000&unsent_bytes=0&cid=0aa5326e8ccfa6d2&ts=28&x=1", cfExtPri, cfHdrFlush;dur=9 date Wed, 18 Dec 2024 17:52:15 GMT content-type image/png last-modified Thu, 25 Jul 2024 11:48:40 GMT vary Accept-Encoding priority u=2,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f410173ce51dbdb-FRA accept-ranges bytes content-length 2130054 server cloudflare
GET H3	200	Realistic_casino_fountain_show_ar_32_00047_02.png imagesmyclo.com/images/gambling/	2 MB 2 MB	59ms 30ms	Image image/png	172.67.179.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagesmyclo.com/images/gambling/Realistic_casino_fountain_show_ar_32_00047_02.png? Requested by Host: xpcplay.click URL: https://xpcplay.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.179.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a334c5a32b455d819f7659405855921a0389a27651f8bfb9ce9b49af3b30d0a2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "66a23bb0-1e5933" age 123918 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1J5NnT6d%2FD3xVjbS259MWbUVE60GEDQQ3swOVooKsCIe2QvAFa1qD9b6B0Ie0mR9JX1LnwI876Vcwrhy%2BCAy1YNJ7a%2B7jP4EaVrVZCYPZtRYad14agKuMEcyzIdf8xnLguQ%3D"}],"group":"cf-nel","max_age":604800} expires Thu, 16 Jan 2025 07:26:57 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=12654&min_rtt=12564&rtt_var=4776&sent=21&recv=12&lost=0&retrans=0&sent_bytes=15549&recv_bytes=6069&delivery_rate=216339&cwnd=12000&unsent_bytes=0&cid=0aa5326e8ccfa6d2&ts=28&x=1", cfExtPri, cfHdrFlush;dur=9 date Wed, 18 Dec 2024 17:52:15 GMT content-type image/png last-modified Thu, 25 Jul 2024 11:49:04 GMT vary Accept-Encoding priority u=2,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f410173ce4ddbdb-FRA accept-ranges bytes content-length 1988915 server cloudflare
GET H3	200	Realistic_casino_fountain_show_ar_32_00047_03.png imagesmyclo.com/images/gambling/	2 MB 2 MB	60ms 31ms	Image image/png	172.67.179.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagesmyclo.com/images/gambling/Realistic_casino_fountain_show_ar_32_00047_03.png? Requested by Host: xpcplay.click URL: https://xpcplay.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.179.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7409da8db573bd76ec0d658c20999abbc2d6b2f1095687cead4c5824c7c3e57a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "66a23bca-229411" age 123916 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H398YaFwJOgM3DUKcTY9L%2Fl%2BbAy0oA6W0HwVOiLS1%2FKnGMMGGrn4ztPyupMziRWGY%2FIVvuKGLNtdp169PLrD8HjJWVIX9FoXdqxAOGhtlNwpcC%2FKCxph2megwMrtDhyfa4Y%3D"}],"group":"cf-nel","max_age":604800} expires Thu, 16 Jan 2025 07:26:59 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=12654&min_rtt=12564&rtt_var=4776&sent=21&recv=12&lost=0&retrans=0&sent_bytes=15549&recv_bytes=6069&delivery_rate=216339&cwnd=12000&unsent_bytes=0&cid=0aa5326e8ccfa6d2&ts=27&x=1", cfExtPri, cfHdrFlush;dur=10 date Wed, 18 Dec 2024 17:52:15 GMT content-type image/png last-modified Thu, 25 Jul 2024 11:49:30 GMT vary Accept-Encoding priority u=2,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f410173ce4edbdb-FRA accept-ranges bytes content-length 2266129 server cloudflare
GET H3	200	571.png imagesmyclo.com/avatars/male/	5 KB 5 KB	429ms 399ms	Image image/png	172.67.179.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagesmyclo.com/avatars/male/571.png? Requested by Host: xpcplay.click URL: https://xpcplay.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.179.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7eac6f075e747af14877a92949c9fdf2fe4310c7f81ed64b2f6e47bae0b43874 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "65eabcb7-12e2" age 369092 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6C8Y0Wj28Md%2F1XAWGMlngGbSi9lxytQn7V6IvSEpW9D5fW8U1Y76cXAC%2FHaCPiCIn9dlQnTJ72y6sMfhlwbcBsMVKefFNvk4dmJiI%2BdrMZ2FaTl%2Bw32epEe1A6BVSoPayQ%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 13 Jan 2025 11:20:43 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16267&min_rtt=12564&rtt_var=4718&sent=40&recv=19&lost=0&retrans=0&sent_bytes=36849&recv_bytes=6374&delivery_rate=930786&cwnd=21300&unsent_bytes=0&cid=0aa5326e8ccfa6d2&ts=39&x=1", cfExtPri, cfHdrFlush;dur=5 date Wed, 18 Dec 2024 17:52:15 GMT content-type image/png last-modified Fri, 08 Mar 2024 07:22:31 GMT vary Accept-Encoding priority u=3,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f410173ce54dbdb-FRA accept-ranges bytes content-length 4834 server cloudflare
GET H3	200	284.png imagesmyclo.com/avatars/male/	5 KB 5 KB	428ms 398ms	Image image/png	172.67.179.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagesmyclo.com/avatars/male/284.png? Requested by Host: xpcplay.click URL: https://xpcplay.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.179.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6bbc5452b6787e46500f1aae8932fa7054b6609f2b27c9dcd7074fdffa97046 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "65eabcb7-1219" age 85906 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y0a8B9%2FtHvFfUdsxkY%2F224UHe6yB9KkWSN%2FZR5F6IvsTeIvS20NFCmOwu42rdo9779CIyC6qsbwRoI%2FTq%2B1aeQnEAgQMb9VyTJwxT8hwD06gBItPp1IDQCZUlK2fzNn%2FVyg%3D"}],"group":"cf-nel","max_age":604800} expires Thu, 16 Jan 2025 18:00:29 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=12654&min_rtt=12564&rtt_var=4776&sent=21&recv=12&lost=0&retrans=0&sent_bytes=15549&recv_bytes=6069&delivery_rate=216339&cwnd=12000&unsent_bytes=0&cid=0aa5326e8ccfa6d2&ts=29&x=1", cfExtPri, cfHdrFlush;dur=8 date Wed, 18 Dec 2024 17:52:15 GMT content-type image/png last-modified Fri, 08 Mar 2024 07:22:31 GMT vary Accept-Encoding priority u=3,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f410173ce52dbdb-FRA accept-ranges bytes content-length 4633 server cloudflare
GET H3	200	953.png imagesmyclo.com/avatars/male/	5 KB 5 KB	372ms 372ms	Image image/png	172.67.179.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagesmyclo.com/avatars/male/953.png? Requested by Host: xpcplay.click URL: https://xpcplay.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.179.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ece196a9a0ad87f7db51f948323db4cccb44d84b1e478699999242d5799fd078 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "65eabcb7-12af" age 1126234 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1J8RrSO1deODPGn7oL%2FMeWWI7iyty1HTf1lNNTZEenw22w6cmGhLLI1CTd8d%2BgjAPKx9T82%2B1Ffu7OHnsJZv2Fi9xfrQmNE9yujMDsFItqVQDTq5bOqHvS4uWARjepD%2BV4%3D"}],"group":"cf-nel","max_age":604800} expires Sat, 04 Jan 2025 17:01:41 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11117&min_rtt=6625&rtt_var=4633&sent=87&recv=36&lost=0&retrans=0&sent_bytes=90531&recv_bytes=7952&delivery_rate=1675864&cwnd=44100&unsent_bytes=0&cid=0aa5326e8ccfa6d2&ts=51&x=1", cfExtPri, cfHdrFlush;dur=1 date Wed, 18 Dec 2024 17:52:15 GMT content-type image/png last-modified Fri, 08 Mar 2024 07:22:31 GMT vary Accept-Encoding priority u=3,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f410173eeb3dbdb-FRA accept-ranges bytes content-length 4783 server cloudflare
GET H3	200	291.png imagesmyclo.com/avatars/female/	5 KB 5 KB	373ms 373ms	Image image/png	172.67.179.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagesmyclo.com/avatars/female/291.png? Requested by Host: xpcplay.click URL: https://xpcplay.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.179.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72065733b9ebac036944f85e0bb5f3cd82d48d563a509ee1e69824f998768775 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "65eabcb7-1278" age 1866660 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pim3PBViNl9mxSjqq1xgZUH3JvojIiB0%2FBVpFDob5DsQyrYMr46Gb5B%2FKarFWeEYfhoaRkRJNM5uvufn6erfLJCkXxW0YSfF2IsvXjVunGRSZQdeJGRNPeDr93GP9goH83A%3D"}],"group":"cf-nel","max_age":604800} expires Fri, 27 Dec 2024 03:21:15 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=9063&min_rtt=6625&rtt_var=1318&sent=127&recv=46&lost=0&retrans=0&sent_bytes=138531&recv_bytes=8387&delivery_rate=2436314&cwnd=68100&unsent_bytes=0&cid=0aa5326e8ccfa6d2&ts=53&x=1", cfExtPri, cfHdrFlush;dur=4 date Wed, 18 Dec 2024 17:52:15 GMT content-type image/png last-modified Fri, 08 Mar 2024 07:22:31 GMT vary Accept-Encoding priority u=3,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f410173eeb6dbdb-FRA accept-ranges bytes content-length 4728 server cloudflare
GET H3	200	18.png imagesmyclo.com/avatars/female/	5 KB 5 KB	374ms 374ms	Image image/png	172.67.179.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagesmyclo.com/avatars/female/18.png? Requested by Host: xpcplay.click URL: https://xpcplay.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.179.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a19f63624657889902b7b5ba567f6020ea558bd89442fe6ba31f352bf8dc8dac Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "65eabcb7-1249" age 1126234 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NNES2fTTsC%2FIR5kgesefN4AzV9Y6zClWRdMfVyI5nIo8uLBQn0utpS0ouS0QUta9kX3RTVNz5oo61J9BqzsMyjgYMUhFKN3npEjVKeOiqxaE6RPaeyEn4%2Fo0MSs%2BxbZLQLU%3D"}],"group":"cf-nel","max_age":604800} expires Sat, 04 Jan 2025 17:01:41 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=9063&min_rtt=6625&rtt_var=1318&sent=127&recv=46&lost=0&retrans=0&sent_bytes=138531&recv_bytes=8387&delivery_rate=2436314&cwnd=68100&unsent_bytes=0&cid=0aa5326e8ccfa6d2&ts=53&x=1", cfExtPri, cfHdrFlush;dur=5 date Wed, 18 Dec 2024 17:52:15 GMT content-type image/png last-modified Fri, 08 Mar 2024 07:22:31 GMT vary Accept-Encoding priority u=3,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f410173eeb7dbdb-FRA accept-ranges bytes content-length 4681 server cloudflare
GET DATA	200 OK	truncated /	26 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 41197b327dd31cb4fba83e3649b7fae9a3edf2d01b36d6db0f888695d45fbf72 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/gif
GET		Realistic_casino_fountain_show_ar_32_00047_00.png {domain}/images/gambling/	0 0
GET DATA	200 OK	truncated /	66 KB 66 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 709f2789daaff440820ebb975d3ae409af45121bdec47e39e83523490b1bc0fc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://xpcplay.click Referer Response headers Content-Type application/font-woff
GET H3	200	2sDfZG1Wl4LcnbuKjk0m.woff2 fonts.gstatic.com/s/oxygen/v15/	16 KB 16 KB	32ms 13ms	Font font/woff2	216.58.212.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900,900italic|Roboto+Condensed:300italic,400italic,700italic,400,300,700|Oxygen:400,300,700 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f3.1e100.net Software sffe / Resource Hash 9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://xpcplay.click Referer https://fonts.googleapis.com/ Response headers age 144566 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 17 Dec 2025 01:42:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 17 Dec 2024 01:42:50 GMT last-modified Mon, 09 May 2022 18:31:32 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 16348 x-xss-protection 0 server sffe
GET H3	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	36ms 18ms	Font font/woff2	216.58.212.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900,900italic|Roboto+Condensed:300italic,400italic,700italic,400,300,700|Oxygen:400,300,700 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f3.1e100.net Software sffe / Resource Hash 4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://xpcplay.click Referer https://fonts.googleapis.com/ Response headers age 555607 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 12 Dec 2025 07:32:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 12 Dec 2024 07:32:09 GMT last-modified Thu, 01 Aug 2024 20:41:19 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18492 x-xss-protection 0 server sffe
GET H3	200	2sDcZG1Wl4LcnbuCJW8zaGW5.woff2 fonts.gstatic.com/s/oxygen/v15/	15 KB 15 KB	49ms 30ms	Font font/woff2	216.58.212.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCJW8zaGW5.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900,900italic|Roboto+Condensed:300italic,400italic,700italic,400,300,700|Oxygen:400,300,700 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f3.1e100.net Software sffe / Resource Hash c5c877b2f70eaa51b17f81150decd43027fec02788fec5719be6befb12af115f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://xpcplay.click Referer https://fonts.googleapis.com/ Response headers age 543450 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 12 Dec 2025 10:54:46 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 12 Dec 2024 10:54:46 GMT last-modified Mon, 09 May 2022 18:30:32 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 15792 x-xss-protection 0 server sffe
GET H3	200	ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 fonts.gstatic.com/s/robotocondensed/v27/	50 KB 50 KB	41ms 22ms	Font font/woff2	216.58.212.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900,900italic|Roboto+Condensed:300italic,400italic,700italic,400,300,700|Oxygen:400,300,700 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f3.1e100.net Software sffe / Resource Hash 517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://xpcplay.click Referer https://fonts.googleapis.com/ Response headers age 6621 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 18 Dec 2025 16:01:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 18 Dec 2024 16:01:55 GMT last-modified Wed, 18 Oct 2023 17:52:59 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 51404 x-xss-protection 0 server sffe
GET DATA	200 OK	truncated /	22 KB 22 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d4eb26c1152dce7c280a042e2aa2d73abfe1b7c9be0bf5e862ec998e14880861 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://xpcplay.click Referer Response headers Content-Type application/font-woff
GET H3	200	883.png imagesmyclo.com/favicons/	1 KB 2 KB	19ms 19ms	Other image/png	172.67.179.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://imagesmyclo.com/favicons/883.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.179.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7477b65b587b9cd4108a8fed68677fe6843a8db8f3c0bc13f47b45fbb8f105c6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "6630e687-519" age 1393645 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ph1Q0wlpkWY0IfqsiN9s3t71jcrQKrh3HkTfTfPXM7IVi7PpdqsLt4MB%2FkZsDC1cJJJWeuSZGGaGXQyHDmnLnDRtmXJ%2BC%2BA9uhAN18QS81ObKLSsBJugU%2FR2s%2BdKQO9Hmgg%3D"}],"group":"cf-nel","max_age":604800} expires Wed, 01 Jan 2025 14:44:51 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15206&min_rtt=6528&rtt_var=805&sent=8188&recv=1188&lost=677&retrans=677&sent_bytes=9572479&recv_bytes=93601&delivery_rate=9481637&cwnd=171556&unsent_bytes=0&cid=0aa5326e8ccfa6d2&ts=952&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 18 Dec 2024 17:52:16 GMT content-type image/png last-modified Tue, 30 Apr 2024 12:39:35 GMT vary Accept-Encoding priority u=1,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f4101798f67dbdb-FRA accept-ranges bytes content-length 1305 server cloudflare
GET H3	200	883.png imagesmyclo.com/favicons/	1 KB 0	0ms 0ms	Other image/png	172.67.179.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://imagesmyclo.com/favicons/883.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.179.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7477b65b587b9cd4108a8fed68677fe6843a8db8f3c0bc13f47b45fbb8f105c6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "6630e687-519" age 1393645 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ph1Q0wlpkWY0IfqsiN9s3t71jcrQKrh3HkTfTfPXM7IVi7PpdqsLt4MB%2FkZsDC1cJJJWeuSZGGaGXQyHDmnLnDRtmXJ%2BC%2BA9uhAN18QS81ObKLSsBJugU%2FR2s%2BdKQO9Hmgg%3D"}],"group":"cf-nel","max_age":604800} expires Wed, 01 Jan 2025 14:44:51 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15206&min_rtt=6528&rtt_var=805&sent=8188&recv=1188&lost=677&retrans=677&sent_bytes=9572479&recv_bytes=93601&delivery_rate=9481637&cwnd=171556&unsent_bytes=0&cid=0aa5326e8ccfa6d2&ts=952&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 18 Dec 2024 17:52:16 GMT content-type image/png last-modified Tue, 30 Apr 2024 12:39:35 GMT vary Accept-Encoding priority u=1,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f4101798f67dbdb-FRA accept-ranges bytes content-length 1305 server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

URL

https://{domain}/images/gambling/Realistic_casino_fountain_show_ar_32_00047_00.png?

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| WOW

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://{domain}/images/gambling/Realistic_casino_fountain_show_ar_32_00047_00.png? Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
imagesmyclo.com
xpcplay.click

172.67.179.147
216.58.212.131
2606:4700:3037::6815:18ab
2a00:1450:4001:803::200a
41197b327dd31cb4fba83e3649b7fae9a3edf2d01b36d6db0f888695d45fbf72
4b7cc93a29de0a3c61d151bb9322a3d6452633c2d055ffb7fd6bc4bf98ffe5d5
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
709f2789daaff440820ebb975d3ae409af45121bdec47e39e83523490b1bc0fc
72065733b9ebac036944f85e0bb5f3cd82d48d563a509ee1e69824f998768775
7409da8db573bd76ec0d658c20999abbc2d6b2f1095687cead4c5824c7c3e57a
7477b65b587b9cd4108a8fed68677fe6843a8db8f3c0bc13f47b45fbb8f105c6
777ce2b921ea82943feccd590dfa74c5183189dd76225e8b339f361e2fd7c35e
7eac6f075e747af14877a92949c9fdf2fe4310c7f81ed64b2f6e47bae0b43874
8ef6937b4ca76a32f0b8a07d4c80f4451a64e6eeeba5514a0f7e0a729106ed3a
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
a19f63624657889902b7b5ba567f6020ea558bd89442fe6ba31f352bf8dc8dac
a334c5a32b455d819f7659405855921a0389a27651f8bfb9ce9b49af3b30d0a2
c5c877b2f70eaa51b17f81150decd43027fec02788fec5719be6befb12af115f
c8c4f5377af6c32eedd7b88f6137f0196f362bf3a86ec3983ecdc1b515558364
cb325e8d8cd3ad12e6455e9d2c08df3d2d13ac6ff063a1122973483e9cea9e96
d00618a6103c4b2de24a276c722ebe35206595467001c4ddc27fc50948efc939
d4eb26c1152dce7c280a042e2aa2d73abfe1b7c9be0bf5e862ec998e14880861
e6bbc5452b6787e46500f1aae8932fa7054b6609f2b27c9dcd7074fdffa97046
ece196a9a0ad87f7db51f948323db4cccb44d84b1e478699999242d5799fd078