urlscan.io logo urlscan.io
SecurityTrails logo

user.nicklpass.com Open in urlscan Pro
54.85.197.205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.sidekickopen10.com/s3t/c/5/f18dQhb0S7kF8bGpQ-VhbFnX59hl3kW7_k2841CXdp3VP16Nq1G7rNZW2bzNLl2gMdxL101?te=W3R5hFj4cm2zw...
Effective URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Submission: On October 25 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 7 domains to perform 28 HTTP transactions. The main IP is 54.85.197.205, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is user.nicklpass.com.
TLS certificate: Issued by Amazon on November 21st 2020. Valid for: a year.
This is the only time user.nicklpass.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.18.13.122 13335 (CLOUDFLAR...)
8 54.85.197.205 14618 (AMAZON-AES)
3 142.250.184.234 15169 (GOOGLE)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 142.250.186.138 15169 (GOOGLE)
1 143.204.101.127 16509 (AMAZON-02)
1 35.186.235.23 15169 (GOOGLE)
13 172.217.16.131 15169 (GOOGLE)
28 7
1    104.18.13.122 (United States)

ASN13335 (CLOUDFLARENET, US)
t.sidekickopen10.com
8    54.85.197.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-197-205.compute-1.amazonaws.com
user.nicklpass.com
3    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
fonts.googleapis.com
1    104.18.10.207 (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
ajax.googleapis.com
1    143.204.101.127 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-127.fra50.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
1    35.186.235.23 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 23.235.186.35.bc.googleusercontent.com
cdn4.mxpnl.com
13    172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f131.1e100.net
fonts.gstatic.com
Domain Requested by
13 fonts.gstatic.com fonts.googleapis.com
8 user.nicklpass.com user.nicklpass.com
3 fonts.googleapis.com user.nicklpass.com
ajax.googleapis.com
1 cdn4.mxpnl.com user.nicklpass.com
1 d3e54v103j8qbb.cloudfront.net user.nicklpass.com
1 ajax.googleapis.com user.nicklpass.com
1 stackpath.bootstrapcdn.com user.nicklpass.com
1 t.sidekickopen10.com 1 redirects
28 8

This site contains no links.

Subject Issuer Validity Valid
*.nicklpass.com
Amazon		 2020-11-21 -
2021-12-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.mxpnl.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-15 -
2022-07-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Frame ID: F3CDDBEB7C1525D3443B8BBB107E146B
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NICKLpass

Page URL History Show full URLs

  1. https://t.sidekickopen10.com/s3t/c/5/f18dQhb0S7kF8bGpQ-VhbFnX59hl3kW7_k2841CXdp3VP16Nq1G7rNZW2bzNLl2gMdxL... HTTP 307
    https://user.nicklpass.com/registerWfMTSnj9A97bxlr Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

7
IPs

1
Countries

789 kB
Transfer

2261 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.sidekickopen10.com/s3t/c/5/f18dQhb0S7kF8bGpQ-VhbFnX59hl3kW7_k2841CXdp3VP16Nq1G7rNZW2bzNLl2gMdxL101?te=W3R5hFj4cm2zwW4hLZp01JD4DpW3XZB_B4cPNyDW43T4P63K4c_tW4fGCn73LSXj7W41TjKy24Wbs03b2s2&si=8000000004079950&pi=e50b3dd1889b413a97fd4c4813d8d395 HTTP 307
    https://user.nicklpass.com/registerWfMTSnj9A97bxlr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request registerWfMTSnj9A97bxlr
user.nicklpass.com/
Redirect Chain
  • https://t.sidekickopen10.com/s3t/c/5/f18dQhb0S7kF8bGpQ-VhbFnX59hl3kW7_k2841CXdp3VP16Nq1G7rNZW2bzNLl2gMdxL101?te=W3R5hFj4cm2zwW4hLZp01JD4DpW3XZB_B4cPNyDW43T4P63K4c_tW4fGCn73LSXj7W41TjKy24Wbs03b2s2&s...
  • https://user.nicklpass.com/registerWfMTSnj9A97bxlr
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.197.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-197-205.compute-1.amazonaws.com
Software
nginx/1.17.3 /
Resource Hash
24a89ce6b7ad13eca90b9199aa74861f458ebc92aa29d65055b6633060d112e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
user.nicklpass.com
:scheme
https
:path
/registerWfMTSnj9A97bxlr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 25 Oct 2021 20:50:16 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.17.3
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Im1nWDZhWVVqUDhkbklGS1V6MVV1c1E9PSIsInZhbHVlIjoiKzJJbXBFR1ZFYlwvYnVXdjJMNThLenB3dk9OTVZaRjR3TThpSU9iZ0dGQ0EwbG5Ec2loRXNPR1hEV0o0V0N2SzUiLCJtYWMiOiJlYjEzNGQyYTlhMzdkNmM1ODM2ZTkzYmMzYWIyZDQ0NDkyZjExYjRkMjk0MzNjYzk1MWNlODg2OGJlMWY3MTA3In0%3D; expires=Mon, 25-Oct-2021 22:50:16 GMT; Max-Age=7200; path=/ nicklpass_session=eyJpdiI6IlhsSElEZkhZbzZKOVwvV21JclVsWWhBPT0iLCJ2YWx1ZSI6IlwvcllsYzVrWGRkUjlKMmI5YTU2S3krZEpoU0dNY1ZjZVwvXC9yTldSRE5yR0RMb1NYNndsSGRTcDJtdEF5MXU3T0MiLCJtYWMiOiIxOTgyY2UzNWJjOGNjMjg0OGU5YmI4YTRlZDlmNzcyZDQ5Y2MzZmNiYjlmOGFkOGFjZTJhYTJlMzI3ZjczZmQ0In0%3D; expires=Mon, 25-Oct-2021 22:50:16 GMT; Max-Age=7200; path=/; httponly
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

date
Mon, 25 Oct 2021 20:50:16 GMT
set-cookie
_hetc=7c0d55a5-0cf5-48e3-96f6-819e065ceeea|1635195016351|ACOD57cwLQIVAIxUDVAy4sttHYssL7xbJpwYZGp1AhRjyyHMORsFjVcKJmaWnk64SoBm8A==;Version=1;Comment=;Domain=t.sidekickopen10.com;Path=/;Max-Age=31536000
x-robots-tag
none
link
<https://user.nicklpass.com/registerWfMTSnj9A97bxlr>; rel="canonical"
location
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
referrer-policy
no-referrer
x-hubspot-correlation-id
8aaa715e-0448-4e0b-b614-73069f7a4e50
access-control-allow-credentials
false
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a3e50f19c95412c-PRG
app.js
user.nicklpass.com/js/ 		1 MB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://user.nicklpass.com/js/app.js
Requested by
Host: user.nicklpass.com
URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.197.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-197-205.compute-1.amazonaws.com
Software
nginx/1.17.3 /
Resource Hash
fcece164115249e4c4aa8223ab724fda40d99de9e50e169393359264ec2d0af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/app.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Im1nWDZhWVVqUDhkbklGS1V6MVV1c1E9PSIsInZhbHVlIjoiKzJJbXBFR1ZFYlwvYnVXdjJMNThLenB3dk9OTVZaRjR3TThpSU9iZ0dGQ0EwbG5Ec2loRXNPR1hEV0o0V0N2SzUiLCJtYWMiOiJlYjEzNGQyYTlhMzdkNmM1ODM2ZTkzYmMzYWIyZDQ0NDkyZjExYjRkMjk0MzNjYzk1MWNlODg2OGJlMWY3MTA3In0%3D; nicklpass_session=eyJpdiI6IlhsSElEZkhZbzZKOVwvV21JclVsWWhBPT0iLCJ2YWx1ZSI6IlwvcllsYzVrWGRkUjlKMmI5YTU2S3krZEpoU0dNY1ZjZVwvXC9yTldSRE5yR0RMb1NYNndsSGRTcDJtdEF5MXU3T0MiLCJtYWMiOiIxOTgyY2UzNWJjOGNjMjg0OGU5YmI4YTRlZDlmNzcyZDQ5Y2MzZmNiYjlmOGFkOGFjZTJhYTJlMzI3ZjczZmQ0In0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
user.nicklpass.com
referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 18 Dec 2019 17:30:14 GMT
server
nginx/1.17.3
x-frame-options
SAMEORIGIN
etag
W/"5dfa6226-162270"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
577 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: user.nicklpass.com
URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.nicklpass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 19:56:50 GMT
server
ESF
date
Mon, 25 Oct 2021 20:50:16 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Mon, 25 Oct 2021 20:50:16 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: user.nicklpass.com
URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://user.nicklpass.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:50:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
access-control-allow-origin
*
cdn-cachedat
08/11/2021 05:41:31
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
bce2e0688ae6a9d1541f0710035d372f
cf-ray
6a3e50f71ea34114-PRG
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: user.nicklpass.com
URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.nicklpass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:55:39 GMT
server
ESF
date
Mon, 25 Oct 2021 20:50:16 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Mon, 25 Oct 2021 20:50:16 GMT
normalize.css
user.nicklpass.com/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://user.nicklpass.com/css/normalize.css
Requested by
Host: user.nicklpass.com
URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.197.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-197-205.compute-1.amazonaws.com
Software
nginx/1.17.3 /
Resource Hash
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/normalize.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Im1nWDZhWVVqUDhkbklGS1V6MVV1c1E9PSIsInZhbHVlIjoiKzJJbXBFR1ZFYlwvYnVXdjJMNThLenB3dk9OTVZaRjR3TThpSU9iZ0dGQ0EwbG5Ec2loRXNPR1hEV0o0V0N2SzUiLCJtYWMiOiJlYjEzNGQyYTlhMzdkNmM1ODM2ZTkzYmMzYWIyZDQ0NDkyZjExYjRkMjk0MzNjYzk1MWNlODg2OGJlMWY3MTA3In0%3D; nicklpass_session=eyJpdiI6IlhsSElEZkhZbzZKOVwvV21JclVsWWhBPT0iLCJ2YWx1ZSI6IlwvcllsYzVrWGRkUjlKMmI5YTU2S3krZEpoU0dNY1ZjZVwvXC9yTldSRE5yR0RMb1NYNndsSGRTcDJtdEF5MXU3T0MiLCJtYWMiOiIxOTgyY2UzNWJjOGNjMjg0OGU5YmI4YTRlZDlmNzcyZDQ5Y2MzZmNiYjlmOGFkOGFjZTJhYTJlMzI3ZjczZmQ0In0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
user.nicklpass.com
referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 19:45:01 GMT
server
nginx/1.17.3
x-frame-options
SAMEORIGIN
etag
W/"5df9303d-1e5c"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
webflow.css
user.nicklpass.com/css/ 		38 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://user.nicklpass.com/css/webflow.css
Requested by
Host: user.nicklpass.com
URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.197.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-197-205.compute-1.amazonaws.com
Software
nginx/1.17.3 /
Resource Hash
04fb0729abd24c0389bb170f192a6dd6d8e3bd718cf88f6b3248c0987e28be8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/webflow.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Im1nWDZhWVVqUDhkbklGS1V6MVV1c1E9PSIsInZhbHVlIjoiKzJJbXBFR1ZFYlwvYnVXdjJMNThLenB3dk9OTVZaRjR3TThpSU9iZ0dGQ0EwbG5Ec2loRXNPR1hEV0o0V0N2SzUiLCJtYWMiOiJlYjEzNGQyYTlhMzdkNmM1ODM2ZTkzYmMzYWIyZDQ0NDkyZjExYjRkMjk0MzNjYzk1MWNlODg2OGJlMWY3MTA3In0%3D; nicklpass_session=eyJpdiI6IlhsSElEZkhZbzZKOVwvV21JclVsWWhBPT0iLCJ2YWx1ZSI6IlwvcllsYzVrWGRkUjlKMmI5YTU2S3krZEpoU0dNY1ZjZVwvXC9yTldSRE5yR0RMb1NYNndsSGRTcDJtdEF5MXU3T0MiLCJtYWMiOiIxOTgyY2UzNWJjOGNjMjg0OGU5YmI4YTRlZDlmNzcyZDQ5Y2MzZmNiYjlmOGFkOGFjZTJhYTJlMzI3ZjczZmQ0In0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
user.nicklpass.com
referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Aug 2020 16:00:09 GMT
server
nginx/1.17.3
x-frame-options
SAMEORIGIN
etag
W/"5f283489-990d"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
nicklcheckout.webflow.css
user.nicklpass.com/css/ 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://user.nicklpass.com/css/nicklcheckout.webflow.css
Requested by
Host: user.nicklpass.com
URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.197.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-197-205.compute-1.amazonaws.com
Software
nginx/1.17.3 /
Resource Hash
4fda9db9bc3907e04a8165c3463082637d54d51e0c83aafe890d7e740315617e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/nicklcheckout.webflow.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Im1nWDZhWVVqUDhkbklGS1V6MVV1c1E9PSIsInZhbHVlIjoiKzJJbXBFR1ZFYlwvYnVXdjJMNThLenB3dk9OTVZaRjR3TThpSU9iZ0dGQ0EwbG5Ec2loRXNPR1hEV0o0V0N2SzUiLCJtYWMiOiJlYjEzNGQyYTlhMzdkNmM1ODM2ZTkzYmMzYWIyZDQ0NDkyZjExYjRkMjk0MzNjYzk1MWNlODg2OGJlMWY3MTA3In0%3D; nicklpass_session=eyJpdiI6IlhsSElEZkhZbzZKOVwvV21JclVsWWhBPT0iLCJ2YWx1ZSI6IlwvcllsYzVrWGRkUjlKMmI5YTU2S3krZEpoU0dNY1ZjZVwvXC9yTldSRE5yR0RMb1NYNndsSGRTcDJtdEF5MXU3T0MiLCJtYWMiOiIxOTgyY2UzNWJjOGNjMjg0OGU5YmI4YTRlZDlmNzcyZDQ5Y2MzZmNiYjlmOGFkOGFjZTJhYTJlMzI3ZjczZmQ0In0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
user.nicklpass.com
referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Aug 2020 16:00:09 GMT
server
nginx/1.17.3
x-frame-options
SAMEORIGIN
etag
W/"5f283489-6cb0"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: user.nicklpass.com
URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.nicklpass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
390353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Fri, 21 Oct 2022 08:24:23 GMT
overRide.css
user.nicklpass.com/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://user.nicklpass.com/css/overRide.css
Requested by
Host: user.nicklpass.com
URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.197.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-197-205.compute-1.amazonaws.com
Software
nginx/1.17.3 /
Resource Hash
d6b37db4978c27baa2f277d5265993cff46ab06d69fcac9a7da7e27d66fb3b34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/overRide.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Im1nWDZhWVVqUDhkbklGS1V6MVV1c1E9PSIsInZhbHVlIjoiKzJJbXBFR1ZFYlwvYnVXdjJMNThLenB3dk9OTVZaRjR3TThpSU9iZ0dGQ0EwbG5Ec2loRXNPR1hEV0o0V0N2SzUiLCJtYWMiOiJlYjEzNGQyYTlhMzdkNmM1ODM2ZTkzYmMzYWIyZDQ0NDkyZjExYjRkMjk0MzNjYzk1MWNlODg2OGJlMWY3MTA3In0%3D; nicklpass_session=eyJpdiI6IlhsSElEZkhZbzZKOVwvV21JclVsWWhBPT0iLCJ2YWx1ZSI6IlwvcllsYzVrWGRkUjlKMmI5YTU2S3krZEpoU0dNY1ZjZVwvXC9yTldSRE5yR0RMb1NYNndsSGRTcDJtdEF5MXU3T0MiLCJtYWMiOiIxOTgyY2UzNWJjOGNjMjg0OGU5YmI4YTRlZDlmNzcyZDQ5Y2MzZmNiYjlmOGFkOGFjZTJhYTJlMzI3ZjczZmQ0In0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
user.nicklpass.com
referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 18 Nov 2020 16:16:42 GMT
server
nginx/1.17.3
x-frame-options
SAMEORIGIN
etag
W/"5fb548ea-3626"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
nicklCheckoutFlowStyle.css
user.nicklpass.com/css/ 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://user.nicklpass.com/css/nicklCheckoutFlowStyle.css
Requested by
Host: user.nicklpass.com
URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.197.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-197-205.compute-1.amazonaws.com
Software
nginx/1.17.3 /
Resource Hash
9df7c4fb317c7e2fe53e0b588d7b5ebfa176204837139101b5e118e200277359
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/nicklCheckoutFlowStyle.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Im1nWDZhWVVqUDhkbklGS1V6MVV1c1E9PSIsInZhbHVlIjoiKzJJbXBFR1ZFYlwvYnVXdjJMNThLenB3dk9OTVZaRjR3TThpSU9iZ0dGQ0EwbG5Ec2loRXNPR1hEV0o0V0N2SzUiLCJtYWMiOiJlYjEzNGQyYTlhMzdkNmM1ODM2ZTkzYmMzYWIyZDQ0NDkyZjExYjRkMjk0MzNjYzk1MWNlODg2OGJlMWY3MTA3In0%3D; nicklpass_session=eyJpdiI6IlhsSElEZkhZbzZKOVwvV21JclVsWWhBPT0iLCJ2YWx1ZSI6IlwvcllsYzVrWGRkUjlKMmI5YTU2S3krZEpoU0dNY1ZjZVwvXC9yTldSRE5yR0RMb1NYNndsSGRTcDJtdEF5MXU3T0MiLCJtYWMiOiIxOTgyY2UzNWJjOGNjMjg0OGU5YmI4YTRlZDlmNzcyZDQ5Y2MzZmNiYjlmOGFkOGFjZTJhYTJlMzI3ZjczZmQ0In0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
user.nicklpass.com
referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 20:26:10 GMT
server
nginx/1.17.3
x-frame-options
SAMEORIGIN
etag
W/"5f19f262-98cc"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
nicklPassLogoFinalWhite400W.png
user.nicklpass.com/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user.nicklpass.com/images/nicklPassLogoFinalWhite400W.png
Requested by
Host: user.nicklpass.com
URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.197.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-197-205.compute-1.amazonaws.com
Software
nginx/1.17.3 /
Resource Hash
b1f7e005bec11a25b40761fa7d97f9b1dd0b3fc3e379f148f6ea4d0cffedb4f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/images/nicklPassLogoFinalWhite400W.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Im1nWDZhWVVqUDhkbklGS1V6MVV1c1E9PSIsInZhbHVlIjoiKzJJbXBFR1ZFYlwvYnVXdjJMNThLenB3dk9OTVZaRjR3TThpSU9iZ0dGQ0EwbG5Ec2loRXNPR1hEV0o0V0N2SzUiLCJtYWMiOiJlYjEzNGQyYTlhMzdkNmM1ODM2ZTkzYmMzYWIyZDQ0NDkyZjExYjRkMjk0MzNjYzk1MWNlODg2OGJlMWY3MTA3In0%3D; nicklpass_session=eyJpdiI6IlhsSElEZkhZbzZKOVwvV21JclVsWWhBPT0iLCJ2YWx1ZSI6IlwvcllsYzVrWGRkUjlKMmI5YTU2S3krZEpoU0dNY1ZjZVwvXC9yTldSRE5yR0RMb1NYNndsSGRTcDJtdEF5MXU3T0MiLCJtYWMiOiIxOTgyY2UzNWJjOGNjMjg0OGU5YmI4YTRlZDlmNzcyZDQ5Y2MzZmNiYjlmOGFkOGFjZTJhYTJlMzI3ZjczZmQ0In0%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
user.nicklpass.com
referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://user.nicklpass.com/registerWfMTSnj9A97bxlr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:50:17 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 May 2020 19:54:13 GMT
server
nginx/1.17.3
etag
"5ec82de5-34de"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
13534
x-xss-protection
1; mode=block
jquery-3.4.1.min.220afd743d.js
d3e54v103j8qbb.cloudfront.net/js/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Requested by
Host: user.nicklpass.com
URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-127.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://user.nicklpass.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 05:31:12 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
55146
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 27 Jun 2019 18:13:30 GMT
server
AmazonS3
etag
W/"220afd743d9e9643852e31a135a9f3ae"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
zsnfsjhHHVOUOsoPsj6DR_xGb5X_Rp_AqCfr6DoU3844UzZujed2Mg==
css
fonts.googleapis.com/ 		40 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CKarla:regular,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
db74b636e4c5fbf1eeb01f98be32d780bc4008593251f3eae861ef212bd46269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.nicklpass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 20:50:16 GMT
server
ESF
date
Mon, 25 Oct 2021 20:50:16 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Mon, 25 Oct 2021 20:50:16 GMT
mixpanel-2-latest.min.js
cdn4.mxpnl.com/libs/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: user.nicklpass.com
URL: https://user.nicklpass.com/registerWfMTSnj9A97bxlr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.235.23 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
23.235.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.nicklpass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:49:21 GMT
content-encoding
gzip
age
56
x-guploader-uploadid
ADPycdv0Q2wEjARNuEh2chAxG82j4H3474FzIQ8hiQMN3ACqyoJxLEPvhs5-V7EQHIenANkat2SrdlWXuRzpHsqhTyQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
25572
last-modified
Thu, 28 Jan 2021 18:21:54 GMT
server
UploadServer
etag
"765779983eed1c9fc2821b4507eea08b"
vary
Accept-Encoding
x-goog-hash
crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation
1611858114590219
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
25572
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 25 Oct 2021 20:59:21 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 12:11:32 GMT
x-content-type-options
nosniff
age
376725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 12:11:32 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 10:51:57 GMT
x-content-type-options
nosniff
age
122300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 24 Oct 2022 10:51:57 GMT
qkBbXvYC6trAT7RVLtw.woff2
fonts.gstatic.com/s/karla/v15/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v15/qkBbXvYC6trAT7RVLtw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CKarla:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
cb6e74951b276f25770b35ae0e206139f1494d73cce9c72382731c50c7b8880f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 09:05:21 GMT
x-content-type-options
nosniff
age
474296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29268
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:11:53 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 09:05:21 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CKarla:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:26:14 GMT
x-content-type-options
nosniff
age
354243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 18:26:14 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v26/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CKarla:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 08:17:28 GMT
x-content-type-options
nosniff
age
304369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
47804
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:51:13 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 08:17:28 GMT
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CKarla:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
d29d48c55bdf3839337426482acf82b39999f7acfd0215d0f69a9920f6d07026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:15:30 GMT
x-content-type-options
nosniff
age
387287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19776
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:12 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 09:15:30 GMT
u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
fonts.gstatic.com/s/merriweather/v25/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CKarla:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
b03b22277bc0d345c3b1811d3e25a4446028b27565e1c233cf13b4309c104140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 10:52:06 GMT
x-content-type-options
nosniff
age
122291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19756
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:21:45 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 24 Oct 2022 10:52:06 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v25/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CKarla:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 16:07:23 GMT
x-content-type-options
nosniff
age
362574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20016
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:21:51 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 16:07:23 GMT
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v25/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CKarla:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
40abffc6cc361e6f31e1738c7f835297ec4ba0a14666fdaeeff57f1b62e3d694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 02:40:24 GMT
x-content-type-options
nosniff
age
410993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19728
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 02:40:24 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CKarla:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:43:17 GMT
x-content-type-options
nosniff
age
421620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19696
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 23:43:17 GMT
u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v25/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CKarla:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
c5cee7e6aa64088bf3e1569168fb295c8cb286855328b0d1e2a213465a9e182f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 04:21:28 GMT
x-content-type-options
nosniff
age
318529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19904
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 04:21:28 GMT
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CKarla:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
32872225c70cc59428eea5fa412b86aa82e4f73ac5fa20fbe34ee1702ba270aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 10:51:39 GMT
x-content-type-options
nosniff
age
122318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19792
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 24 Oct 2022 10:51:39 GMT
u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
fonts.gstatic.com/s/merriweather/v25/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CKarla:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
d67c5f8c1c26025c5ad2d21a7b91aaf6aa7b179a2bab364c4692168c056e1a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.nicklpass.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:06:15 GMT
x-content-type-options
nosniff
age
9842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19780
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 25 Oct 2022 18:06:15 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| WebFont object| mixpanel function| $ function| jQuery function| _ function| Popper function| axios function| setImmediate function| clearImmediate function| Vue

4 Cookies

Domain/Path Name / Value
.t.sidekickopen10.com/ Name: _hetc
Value: 7c0d55a5-0cf5-48e3-96f6-819e065ceeea|1635195016351|ACOD57cwLQIVAIxUDVAy4sttHYssL7xbJpwYZGp1AhRjyyHMORsFjVcKJmaWnk64SoBm8A==
user.nicklpass.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Im1nWDZhWVVqUDhkbklGS1V6MVV1c1E9PSIsInZhbHVlIjoiKzJJbXBFR1ZFYlwvYnVXdjJMNThLenB3dk9OTVZaRjR3TThpSU9iZ0dGQ0EwbG5Ec2loRXNPR1hEV0o0V0N2SzUiLCJtYWMiOiJlYjEzNGQyYTlhMzdkNmM1ODM2ZTkzYmMzYWIyZDQ0NDkyZjExYjRkMjk0MzNjYzk1MWNlODg2OGJlMWY3MTA3In0%3D
user.nicklpass.com/ Name: nicklpass_session
Value: eyJpdiI6IlhsSElEZkhZbzZKOVwvV21JclVsWWhBPT0iLCJ2YWx1ZSI6IlwvcllsYzVrWGRkUjlKMmI5YTU2S3krZEpoU0dNY1ZjZVwvXC9yTldSRE5yR0RMb1NYNndsSGRTcDJtdEF5MXU3T0MiLCJtYWMiOiIxOTgyY2UzNWJjOGNjMjg0OGU5YmI4YTRlZDlmNzcyZDQ5Y2MzZmNiYjlmOGFkOGFjZTJhYTJlMzI3ZjczZmQ0In0%3D
.nicklpass.com/ Name: mp_192572f180f97c0a425a3ffe7d46ebc0_mixpanel
Value: %7B%22distinct_id%22%3A%20%2217cb937d7355c4-0e93faba05a62d-a7d193d-1d4c00-17cb937d736a3f%22%2C%22%24device_id%22%3A%20%2217cb937d7355c4-0e93faba05a62d-a7d193d-1d4c00-17cb937d736a3f%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn4.mxpnl.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
stackpath.bootstrapcdn.com
t.sidekickopen10.com
user.nicklpass.com
104.18.10.207
104.18.13.122
142.250.184.234
142.250.186.138
143.204.101.127
172.217.16.131
35.186.235.23
54.85.197.205
04fb0729abd24c0389bb170f192a6dd6d8e3bd718cf88f6b3248c0987e28be8b
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4
24a89ce6b7ad13eca90b9199aa74861f458ebc92aa29d65055b6633060d112e8
32872225c70cc59428eea5fa412b86aa82e4f73ac5fa20fbe34ee1702ba270aa
40abffc6cc361e6f31e1738c7f835297ec4ba0a14666fdaeeff57f1b62e3d694
4fda9db9bc3907e04a8165c3463082637d54d51e0c83aafe890d7e740315617e
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
9df7c4fb317c7e2fe53e0b588d7b5ebfa176204837139101b5e118e200277359
b03b22277bc0d345c3b1811d3e25a4446028b27565e1c233cf13b4309c104140
b1f7e005bec11a25b40761fa7d97f9b1dd0b3fc3e379f148f6ea4d0cffedb4f1
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
c5cee7e6aa64088bf3e1569168fb295c8cb286855328b0d1e2a213465a9e182f
cb6e74951b276f25770b35ae0e206139f1494d73cce9c72382731c50c7b8880f
d29d48c55bdf3839337426482acf82b39999f7acfd0215d0f69a9920f6d07026
d67c5f8c1c26025c5ad2d21a7b91aaf6aa7b179a2bab364c4692168c056e1a6d
d6b37db4978c27baa2f277d5265993cff46ab06d69fcac9a7da7e27d66fb3b34
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
db74b636e4c5fbf1eeb01f98be32d780bc4008593251f3eae861ef212bd46269
fcece164115249e4c4aa8223ab724fda40d99de9e50e169393359264ec2d0af6