URL: https://nim.dopamrek.com/
Submission: On February 03 via api from US — Scanned from US

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 172.67.135.108, located in United States and belongs to CLOUDFLARENET, US. The main domain is nim.dopamrek.com.
TLS certificate: Issued by E1 on January 12th 2024. Valid for: 3 months.
This is the only time nim.dopamrek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
10        172.67.135.108     13335 (CLOUDFLAR...)
2         2607:f8b0:400...   15169 (GOOGLE)
3         2607:f8b0:400...   15169 (GOOGLE)
1         104.21.56.41       13335 (CLOUDFLAR...)
Total: 16 requests, 5 IPs

Requests  Apex Domain      Subdomains                                         Transfer
10        dopamrek.com     nim.dopamrek.com                                   756 KB
3         gstatic.com      fonts.gstatic.com                                  105 KB
2         googleapis.com   fonts.googleapis.com — Cisco Umbrella Rank: 28     4 KB
1         cdnstat.net      cdnstat.net — Cisco Umbrella Rank: 319926          697 B
Total: 16 requests, 4 apex domains

Requests  Domain                 Requested by
10        nim.dopamrek.com       nim.dopamrek.com
3         fonts.gstatic.com      fonts.googleapis.com
2         fonts.googleapis.com   nim.dopamrek.com
1         cdnstat.net            nim.dopamrek.com
Total: 16 requests, 4 domains

This site contains no links.

Subject                   Issuer       Validity                  Valid
dopamrek.com              E1           2024-01-12 - 2024-04-11   3 months
upload.video.google.com   GTS CA 1C3   2024-01-09 - 2024-04-02   3 months
*.gstatic.com             GTS CA 1C3   2024-01-09 - 2024-04-02   3 months
cdnstat.net               E1           2024-01-14 - 2024-04-13   3 months

This page contains 1 frame:

Primary Page: https://nim.dopamrek.com/
Frame ID: CEE71F6F144648F673190DFE3B91F912
Requests: 20 HTTP requests in this frame

Page Title

¿Para qué sirve el perejil?

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 866 kB
Size: 3268 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nim.dopamrek.com/
44 KB
21 KB
Document
General
Full URL
https://nim.dopamrek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7cc7807389b32da96dea514caf59381dc4a16e60655ba38c3965f5079aa4237

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84f6749feaae746f-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 03 Feb 2024 00:11:16 GMT
expires
Sat, 03 Feb 2024 00:11:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPR7wznG0Iu1i9MXx4HOHSfVwhAHF7tTj00UIbvqYQEcWzOCnM1ADhMW%2BlUsaTlFt15W97q0MIdRaUjqYK8%2Fd2SGB8547%2Fbx2i58smgr2skRR01jdVaEbTNpUHHRZno%2Frpql"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
nicepage.css
nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/css/
1 MB
99 KB
Stylesheet
General
Full URL
https://nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/css/nicepage.css
Requested by
Host: nim.dopamrek.com
URL: https://nim.dopamrek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d2a72f73f54341a576f67fb3d2bdc20f046d1a3c74c6248a1ec67789049a8df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 00:11:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 02 Feb 2024 15:30:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bd0aaf-158289"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oU4me%2B4GNacWhgKoaZU34gi27LowWGyTJQofK2bcvTQ9M2MUrXkUyeNVWSr8w8MXReZxghVNEBesKLhBaqwz3B29lRDzXh6qaaXmernPLsL8FT%2BvT02UMPj1fwbbFCt4vh%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
84f674a2af70746f-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 13 Feb 2024 00:11:16 GMT
nicepage-site.css
nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/css/
764 KB
50 KB
Stylesheet
General
Full URL
https://nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/css/nicepage-site.css
Requested by
Host: nim.dopamrek.com
URL: https://nim.dopamrek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fa72c52fc2f056bb8bd8f6cd8e4ad479d03d017b99a9b4e77d644775e4a1de2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 00:11:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 02 Feb 2024 15:30:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bd0aaf-beed3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkkdPq3NsTgN%2FIvRTf9Wx2q62ij8uY9pF45geZ4KL3vUEOXa2KUuuY0HhKYn0UuirlgyRm0QhM%2FV2utivYu3Bl6n1Va6UST46AHokIHO2Z5F5aKLojwYFzm4re04nTmlLyO7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
84f674a2af71746f-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 13 Feb 2024 00:11:16 GMT
Landing.css
nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/css/
31 KB
4 KB
Stylesheet
General
Full URL
https://nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/css/Landing.css
Requested by
Host: nim.dopamrek.com
URL: https://nim.dopamrek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5a751b1621bbe49adbe6c91473e6c63a91dd7f0dbef11350db1ccc55403759a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 00:11:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 02 Feb 2024 15:30:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bd0aaf-7c55"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOFAonQ3fi7JJtX1Ox8XnvexSwM2I1URUFI4LJGmaw2tmlRMCCbCBGZLNQonP7rSbsP%2F%2BWRnkdc%2BC0RpvMYN08JoxNrmWgsZRP0a9NWsTkPk0ObktHw3hLaF3BicdOSwYcHx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
84f674a2af73746f-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 13 Feb 2024 00:11:16 GMT
jquery-3.5.1.min.js
nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/js/
87 KB
32 KB
Script
General
Full URL
https://nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/js/jquery-3.5.1.min.js
Requested by
Host: nim.dopamrek.com
URL: https://nim.dopamrek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 00:11:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 02 Feb 2024 15:30:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bd0aaf-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCNXcXVrMCtABn3GHglibkYIwd5jxcYKVZMGxwrQ1rX6KKymhC7RKObZ0Xqa3U12XW57uoV11037OlAhShLw7SZsOxkx5cO9Hj%2FRK83lqHym5280QNIsI2XNwC8dyZZyAIwg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
84f674a2efe5746f-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 13 Feb 2024 00:11:16 GMT
nicepage.js
nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/js/
275 KB
86 KB
Script
General
Full URL
https://nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/js/nicepage.js
Requested by
Host: nim.dopamrek.com
URL: https://nim.dopamrek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36b37bab3c1763bc5f4f5f9af83b5b9ae2ff261881b57a7e6e060b8b5ef81904

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 00:11:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 02 Feb 2024 15:30:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bd0aaf-44bae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujXquQs1iGsZm9t7wAw0bVNnS66hMK4lCAHkHmfqYt1OacnFIzDwSqzZtniUU%2B6ZO7f8q6GPPfrXv83BZVvzl1qmjf2fbyG5Nvb2%2BoBydiHvulDB5e5WpyicN6LKFgNGfhOA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
84f674a2efe9746f-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 13 Feb 2024 00:11:16 GMT
css
fonts.googleapis.com/
96 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i
Requested by
Host: nim.dopamrek.com
URL: https://nim.dopamrek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48b0740d7126516a18e781856f8ebe8def1b8c1f6b8a1c325994841c930acbd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 03 Feb 2024 00:11:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 03 Feb 2024 00:11:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Feb 2024 00:11:16 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i
Requested by
Host: nim.dopamrek.com
URL: https://nim.dopamrek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
313182bb88231cafe93374dc3287fbc25869b96d3e9986532dc43b587c392010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 03 Feb 2024 00:11:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 22:11:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Feb 2024 00:11:16 GMT
1706887850.png
nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/image_def/
192 KB
193 KB
Image
General
Full URL
https://nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/image_def/1706887850.png
Requested by
Host: nim.dopamrek.com
URL: https://nim.dopamrek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373226d1e66c5b131afd7591bcd84c588cbe94da5230508fc8245db1b0e9d03b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 00:11:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
197109
last-modified
Fri, 02 Feb 2024 15:30:55 GMT
server
cloudflare
etag
"65bd0aaf-301f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Yj3lMlVae1PdsJaFnJEECLLSM0okGJiiLw5%2BUl3Gj7SSNc2985wtdDUhWu%2Fw%2FpVlNnWR2VB966ol%2Bc%2BmchiteQ%2B2XIkWUwfnRHYS82my088HMqYiFoTXtB8hmC508%2FVci%2B3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
84f674a2af74746f-MIA
expires
Tue, 13 Feb 2024 00:11:16 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bc8e137fc76588d97c062c5167d9154000c76fe3d92f079001c5a5471c994b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6171c5646c387a66d3da82d83f866aa21cf8e811270023fd596bcdf4fdd87486

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f24c4ce184e56f8d891731756184a171f7e588995dbd73d2bf8818ce1f6f1c58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bacc8bd18b548fb4af3834fcf5847583eb89fafba28c1f2f5072949cf0bcc88e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
aa49e5bbcb321c65e1d4ba4d4afa599b.png
nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/images/
21 KB
21 KB
Image
General
Full URL
https://nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/images/aa49e5bbcb321c65e1d4ba4d4afa599b.png
Requested by
Host: nim.dopamrek.com
URL: https://nim.dopamrek.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8234bdb2cf4ee47b08af54afb100c52de42baa1c55c71d00309d33e60e0feaa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 00:11:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
21223
last-modified
Fri, 02 Feb 2024 15:30:55 GMT
server
cloudflare
etag
"65bd0aaf-52e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3ckJhq4%2FyDPIfCRagO82I8k6dbvIBWB1KFllDIXzcXhJAJLDx9CkIVx2h%2BHHtT%2BQ%2Bw86y8cVp2O7Lacb%2B1YQFrIeE50clEcREWxHbAG17lBS3IwZwPS58APOu3Pdi1QQwDK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
84f674a2ff4c4c18-MIA
expires
Tue, 13 Feb 2024 00:11:16 GMT
1814.jpg
nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/image_def/
86 KB
87 KB
Image
General
Full URL
https://nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/image_def/1814.jpg
Requested by
Host: nim.dopamrek.com
URL: https://nim.dopamrek.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d7df213f8287cb034db8f0fdee22d782389c73abf9fa79777de6287fe186f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 00:11:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
88265
last-modified
Fri, 02 Feb 2024 15:30:55 GMT
server
cloudflare
etag
"65bd0aaf-158c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTTBijoZ5blZugaMoncNGyC1gLGnc43%2FCRD3FWvudrPeQUx0nTK9z%2BuQ9eeAdEsBwJp6gaXeXga%2BaTXA4LYCS94fWdmfqRq%2BTawvwHdeJRNEiVCDcnTuTsTZ712r3BeiBPIQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
84f674a2ff514c18-MIA
expires
Tue, 13 Feb 2024 00:11:16 GMT
rt22.jpg
nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/images/
162 KB
163 KB
Image
General
Full URL
https://nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/images/rt22.jpg
Requested by
Host: nim.dopamrek.com
URL: https://nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/css/Landing.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1ac4160320cb5f2ab2fb2055a00ecd75f6f8e325edf4534e96a544f9e4e9c71

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/css/Landing.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 00:11:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
166309
last-modified
Fri, 02 Feb 2024 15:30:55 GMT
server
cloudflare
etag
"65bd0aaf-289a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FN0TpmIAAa5sp4rNLTPQOYS%2Buf%2BfzNhyDZhv1hvs6CLxZNarBBmrOBRCw06vjYORHIFY3NZMkwPWwcDYtnjwZjHeL7Uh1Y%2FKttFeBCPQwKsoaTf42uNYeJuzPgnkU%2BvL0Y2o"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
84f674a9c9244c18-MIA
expires
Tue, 13 Feb 2024 00:11:17 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nim.dopamrek.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 04:58:43 GMT
x-content-type-options
nosniff
age
69154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Feb 2025 04:58:43 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nim.dopamrek.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 05:00:54 GMT
x-content-type-options
nosniff
age
69023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Feb 2025 05:00:54 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
24 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nim.dopamrek.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 05:12:21 GMT
x-content-type-options
nosniff
age
68336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24984
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Feb 2025 05:12:21 GMT
script.js
cdnstat.net/get/
129 B
697 B
Script
General
Full URL
https://cdnstat.net/get/script.js?referrer=https://nim.dopamrek.com/
Requested by
Host: nim.dopamrek.com
URL: https://nim.dopamrek.com/lander/wg-es-xqcgwdhw1e/js/nicepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.1
Resource Hash
c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nim.dopamrek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 00:11:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.1
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://nim.dopamrek.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaV04Nxpd%2B10qXr1zfDQK3AXovaiZYknZtY5IyXy%2FPfkMgUGy4sV5zWKxVBkCYuEeI3wdrxzGuVDCtBlLWuj5RBX0D2oHya3TR3gz5wYxHL40Ku6UrAbXnBkR1Z5ug%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
84f674b058290291-MIA
access-control-allow-headers
X-Requested-With,content-type
alt-svc
h3=":443"; ma=86400

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
object| cssBgParser
function| ResponsiveMenu
function| MailChimpForm
object| bootstrap
function| loadMapsContent
function| mapIframeApiReady
object| MapsLoader
function| Lightbox
object| Utility
object| skrollr
function| Waypoint
function| WaypointAdapter
function| _npStickyStack
function| _npInitMenuLink
function| AnimationInfo
object| AnimationEventScroll
function| AnimationEventSlider
object| WillChangeHint
function| AnimationFactory
function| CountUp
undefined| uAnimation
object| _npScrollAnchor
function| _npScrollSpyInit
function| ImageZoom
function| _npHorizontalLayoutSlider
function| TabsControl
function| _npTabsInit
object| lazySizes
object| _npLazyImages
object| lazySizesConfig
function| _npDialogsInit
function| _npAccordionInit
function| setImmediate
function| clearImmediate
object| sha256
function| _npAuthInit
object| CountryList
function| signRequestAnimFrame
object| _responsive
string| waypointContextKey

3 Cookies

Domain/Path Name / Value
nim.dopamrek.com/ Name: _subid
Value: 39i8mhg51qrok
nim.dopamrek.com/ Name: 05709
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI5NDc3N1wiOjE3MDY5MTkwNzZ9LFwiY2FtcGFpZ25zXCI6e1wiMTM5MjM3XCI6MTcwNjkxOTA3Nn0sXCJ0aW1lXCI6MTcwNjkxOTA3Nn0ifQ.BbPxZAV2lRxtbJcivhZzGWmqANMLGHAmVK4NRvWycIM
nim.dopamrek.com/ Name: PHPREFS
Value: full

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
