www.civildiscord.com Open in urlscan Pro
2606:4700:90:0:3626:d0ff:6957:de1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.civildiscord.com/
Submission: On May 19 via automatic, source certstream-suspicious (May 19th 2023, 2:43:58 am UTC) — Scanned from DE

Summary HTTP 69 Redirects Links 44 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 69 HTTP transactions. The main IP is 2606:4700:90:0:3626:d0ff:6957:de1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.civildiscord.com.
TLS certificate: Issued by R3 on May 19th 2023. Valid for: 3 months.

This is the only time www.civildiscord.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:90:... 2606:4700:90:0:3626:d0ff:6957:de1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:12d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223d:2e00:7:2081:f100:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:205... 2600:9000:2057:c800:7:56a2:7e40:21	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a09:8280:1::... 2a09:8280:1::a:6d46	40509 (FLY) (FLY)
3	52.95.147.120 52.95.147.120	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
69	17

6 2606:4700:90:0:3626:d0ff:6957:de1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.civildiscord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:12d7 (United States)

ASN13335 (CLOUDFLARENET, US)

assets-app-production-pubnet.bndzgl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:2e00:7:2081:f100:21 (United States)

ASN16509 (AMAZON-02, US)

d2tqm71z2plwas.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:c800:7:56a2:7e40:21 (United States)

ASN16509 (AMAZON-02, US)

d10j3mvrs1suex.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a09:8280:1::a:6d46 (United States)

ASN40509 (FLY, US)

stats.zoogletools.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.147.120 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com

zglseed.s3.ca-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gstatic.com fonts.gstatic.com www.gstatic.com	674 KB
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 80	1016 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2	103 KB
7	bndzgl.com assets-app-production-pubnet.bndzgl.com — Cisco Umbrella Rank: 170268	267 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 jnn-pa.googleapis.com — Cisco Umbrella Rank: 209	33 KB
6	civildiscord.com www.civildiscord.com	60 KB
5	cloudfront.net d2tqm71z2plwas.cloudfront.net d10j3mvrs1suex.cloudfront.net	174 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 static.doubleclick.net — Cisco Umbrella Rank: 245	1 KB
3	amazonaws.com zglseed.s3.ca-central-1.amazonaws.com — Cisco Umbrella Rank: 913140	36 KB
3	zoogletools.net stats.zoogletools.net — Cisco Umbrella Rank: 201894	1 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 101	41 KB
69	12

	Domain	Requested by
11	www.youtube.com	www.civildiscord.com assets-app-production-pubnet.bndzgl.com www.youtube.com
10	www.gstatic.com	www.google.com www.youtube.com www.gstatic.com
7	www.google.com	assets-app-production-pubnet.bndzgl.com www.gstatic.com www.youtube.com www.google.com
7	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
7	assets-app-production-pubnet.bndzgl.com	www.civildiscord.com assets-app-production-pubnet.bndzgl.com
6	www.civildiscord.com	assets-app-production-pubnet.bndzgl.com
4	jnn-pa.googleapis.com	www.youtube.com
3	zglseed.s3.ca-central-1.amazonaws.com	assets-app-production-pubnet.bndzgl.com
3	stats.zoogletools.net	www.civildiscord.com stats.zoogletools.net
3	d10j3mvrs1suex.cloudfront.net	www.civildiscord.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.googleapis.com	www.civildiscord.com
2	d2tqm71z2plwas.cloudfront.net	www.civildiscord.com d2tqm71z2plwas.cloudfront.net
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
69	16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.reverbnation.com
twitter.com
soundcloud.com
civildiscord.com
www.google.com
d10j3mvrs1suex.cloudfront.net
bandzoogle.com

Subject Issuer	Validity	Valid
civildiscord.com R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-02` - `2024-04-01`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
stats.zoogletools.net R3	`2023-05-15` - `2023-08-13`	3 months	crt.sh
*.s3.ca-central-1.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-01-15`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.civildiscord.com/
Frame ID: 0E237DE72D8AAC73B01C284C8A545F25
Requests: 36 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1
Frame ID: CF14752634A4C6D4DE83090CCF2B6FF7
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly93d3cuY2l2aWxkaXNjb3JkLmNvbTo0NDM.&hl=de&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=ezeo7s661quk
Frame ID: 5C5F3377F113ACC66258AACD6D4F9922
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ
Frame ID: 796377156F0EAFF8B40D0750D457088F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Civil Discordnotes

Detected technologies

Stimulus (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-controller

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

69
Requests

99 %
HTTPS

94 %
IPv6

12
Domains

16
Subdomains

17
IPs

3
Countries

2407 kB
Transfer

6916 kB
Size

4
Cookies

44 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/CivilDiscord

Search URL Search Domain Scan URL

URL: http://www.reverbnation.com/CivilDiscord

Search URL Search Domain Scan URL

URL: http://twitter.com/CivilDiscord

Search URL Search Domain Scan URL

URL: http://soundcloud.com/civildiscord

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/2378879/474134838/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=1049%20Ford%20St,%20Bridgeport,%20PA
Title: The Bridgeport Rib House, 1049 Ford St, Bridgeport, PA

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/2091736/458165842/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=FORD%20ST,%20BRIDGEPORT,%20PA
Title: THE BRIDGEPORT RIBHOUSE, FORD ST, BRIDGEPORT, PA

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1835183/376062983/civil-discord-opens-for-huskey-burnette
Title: Civil Discord opens for Huskey Burnette

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=430%20South%20St.%20,%20Philadelphia,%20PA
Title: The Tusk, 430 South St. , Philadelphia, PA

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1835182/376062984/civil-discord-rocks-the-hotel
Title: Civil Discord rocks the Hotel

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=4046%20W%20Skippack%20Pike,%20Schwenksville,%20PA
Title: The Hotel Fiesole, 4046 W Skippack Pike, Schwenksville, PA

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1835178/376062975/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/154732/0e101a92c12fc8d9aab3ab1ba59d9fc0356f6cc9/original/llmf.jpg/!!/b%3AW1sicmVzaXplIixbNjAwLG51bGwseyJ3aXRob3V0RW5sYXJnZW1lbnQiOnRydWUsImZpdCI6Im91dHNpZGUifV1dXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1914131/407582336/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=650%20Baltimore%20Pike,%20Springfield,%20PA
Title: The Crimson Lounge at The Red Iron Pub, 650 Baltimore Pike, Springfield, PA

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1835177/376062974/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=1701%20Pottstown%20Pike,%20Pottstown,%20PA
Title: Old Philadelphia Public House, 1701 Pottstown Pike, Pottstown, PA

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1835175/376062972/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=2519%20Jenkintown%20Rd,%20Glenside,%20PA
Title: North Penn VFW, 2519 Jenkintown Rd, Glenside, PA

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1668520/304606534/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1686280/312270412/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=1049%20Ford%20St,%20Bridgeport,%20PA%2019405
Title: The Bridgeport Ribhouse, 1049 Ford St, Bridgeport, PA 19405

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1668516/304606527/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1686279/312270411/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=FIRE%20CHIEFS%20MEMORIAL%20BAND%20SHELL,%20Norristown,%20PA
Title: FIRE CHIEFS MEMORIAL BAND SHELL, Norristown, PA

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1656476/299300200/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=1529%20Dekalb%20Pike,%20Blue%20Bell,%20PA%2019422
Title: Whitpain Tavern, 1529 Dekalb Pike, Blue Bell, PA 19422

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1656474/299300198/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=1110%20LINCOLN%20AVE,%20PROSPECT%20PARK
Title: Marty Magee's, 1110 LINCOLN AVE, PROSPECT PARK

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1422100/213817086/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=2200%20West%20Drive,%20Oaks
Title: The Water Tower in Oaks, 2200 West Drive, Oaks

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1422095/213817081/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1445409/223587999/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=66%20North%20Main%20St,%20Spring%20City,%20PA
Title: Chaplin's, 66 North Main St, Spring City, PA

Search URL Search Domain Scan URL

URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/154732/c31a452207bc755ab9445bdb8c3e99c5d7861ba6/original/photo-2.jpg/!!/b%3AW1sicmVzaXplIixbNjAwLG51bGwseyJ3aXRob3V0RW5sYXJnZW1lbnQiOnRydWUsImZpdCI6Im91dHNpZGUifV1dXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1468069/230483340/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1445406/223587996/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=641%20Old%20Elm%20St,%20Conshohocken,%20PA
Title: The Old Mansion House, 641 Old Elm St, Conshohocken, PA

Search URL Search Domain Scan URL

URL: https://civildiscord.com/event/1422091/213817076/civil-discord
Title: Civil Discord

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&query=37%20Bridge%20Street,%20Phoenixville,%20PA%2019460
Title: The Pickering Creek Inn, 37 Bridge Street, Phoenixville, PA 19460

Search URL Search Domain Scan URL

URL: https://bandzoogle.com/
Title: Powered by Bandzoogle

Search URL Search Domain Scan URL

URL: https://civildiscord.com/track/1500220/shrooms
Title: Shrooms

Search URL Search Domain Scan URL

URL: https://civildiscord.com/track/1500192/do-you-remember
Title: Do You Remember

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

69 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.civildiscord.com/ 115 KB
22 KB 893ms
211ms Document
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.civildiscord.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

f661fdd374850dda15c1c8a8db4e5e42e905cbc815c5c0338bb4ccbdc05caa5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2
cache-control: max-age=0, public, s-maxage=31556952
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Fri, 19 May 2023 02:43:50 GMT
etag: W/"0d069ed98f9cad3648e9b4338834b254"
last-modified: Fri, 19 May 2023 02:41:58 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
strict-transport-security: max-age=604800
x-clacks-overhead: GNU Terry Pratchett
x-content-digest: 75ee27826c32bde883f235948ab4b1ac3cf43014
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-rack-cache: fresh
x-request-id: c35cf24bfbddb0688dfd175ea20cb836 f720be763c4197284542168324218d5f
x-runtime: 0.317995
x-xss-protection: 1; mode=block

GET
H2 200 application-c9607fc94ba0467494daefdd9daf611d51f6028ba89aa82aa480d608ed9e655f.css
assets-app-production-pubnet.bndzgl.com/assets/usersite/ 325 KB
45 KB 57ms
20ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-c9607fc94ba0467494daefdd9daf611d51f6028ba89aa82aa480d608ed9e655f.css

Requested by

Host: www.civildiscord.com
URL: https://www.civildiscord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9607fc94ba0467494daefdd9daf611d51f6028ba89aa82aa480d608ed9e655f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=604800
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 39817
cf-cache-status: HIT
content-length: 46187
x-xss-protection: 1; mode=block
x-request-id: ac5095d9caef24cfacce953ce5c10548
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 17 May 2023 20:47:17 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7c98fea08d809000-FRA
expires: Mon, 16 May 2033 02:43:50 GMT

GET
H2 200 style-203-78979b70.css
assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/ 87 KB
10 KB 48ms
12ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/style-203-78979b70.css

Requested by

Host: www.civildiscord.com
URL: https://www.civildiscord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dd1c1c0bec6c3706dfc8e83416f8de11facb1659e88c10c9b50081e759fce71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=604800
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 39788
cf-cache-status: HIT
content-length: 9259
x-xss-protection: 1; mode=block
x-request-id: c167e289709a9caf8fb04d9625309a58
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 18 May 2023 15:18:22 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7c98fea08d819000-FRA
expires: Mon, 16 May 2033 02:43:50 GMT

GET
H2 200 stylesheet.css
d2tqm71z2plwas.cloudfront.net/stock/Amerika/regular/ 199 B
542 B 33ms
6ms Stylesheet
text/css 2600:9000:223d:2e00:7:2081:f100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tqm71z2plwas.cloudfront.net/stock/Amerika/regular/stylesheet.css
Requested by: Host: www.civildiscord.com
URL: https://www.civildiscord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:7:2081:f100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2bcbb026e254fd21b22135d406707b25f23a53066739f3398cbfa04373af8bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:44:46 GMT
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2017 19:50:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 3545
etag: "4823a76757a948a85a57617f5bcdfd18"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 199
x-amz-cf-id: f5jSIOtITuvktlO2REy8Jw4MljBDyxoazbiA2nejhdDtEwGs3MptKw==

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@800&display=swap

Requested by

Host: www.civildiscord.com
URL: https://www.civildiscord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e64f46290ced6b14c45a7a1ccd110021d8a7fb539aff9cd38913a8bbdc3b360d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 May 2023 02:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 May 2023 02:43:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 May 2023 02:43:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
749 B 45ms
22ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Requested by

Host: www.civildiscord.com
URL: https://www.civildiscord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 May 2023 02:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 May 2023 01:10:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 May 2023 02:43:50 GMT

GET
H2 200 application-fd5b19bbdef0ce2a878212bc04f232c0e4728e9160d56972d9fa4b193e45be38.js Show response
assets-app-production-pubnet.bndzgl.com/assets/usersite/ 388 KB
122 KB 49ms
13ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-fd5b19bbdef0ce2a878212bc04f232c0e4728e9160d56972d9fa4b193e45be38.js

Requested by

Host: www.civildiscord.com
URL: https://www.civildiscord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5b19bbdef0ce2a878212bc04f232c0e4728e9160d56972d9fa4b193e45be38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=604800
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 39817
cf-cache-status: HIT
content-length: 124819
x-xss-protection: 1; mode=block
x-request-id: 2295ab3e485685e73ea101606f4608aa
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 09 May 2023 19:20:48 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7c98fea08d839000-FRA
expires: Mon, 16 May 2033 02:43:50 GMT

GET
H2 200 usersite-ef93fddaedc0ccec5ef1.js Show response
assets-app-production-pubnet.bndzgl.com/packs/js/ 316 KB
69 KB 12ms
12ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-ef93fddaedc0ccec5ef1.js

Requested by

Host: www.civildiscord.com
URL: https://www.civildiscord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd83ca6550e2cd952fdde7d7ca545b179344de11a4d79bcd767a0dd440234b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=604800
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 39817
cf-cache-status: HIT
content-length: 70646
x-xss-protection: 1; mode=block
x-request-id: c15747c4a68760d2468be96446fbd44b
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 18 May 2023 15:18:22 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7c98fea0bd919000-FRA
expires: Mon, 16 May 2033 02:43:50 GMT

GET
H2 200 usersite-eb0ed5fd.css
assets-app-production-pubnet.bndzgl.com/packs/css/ 12 KB
3 KB 49ms
13ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite-eb0ed5fd.css

Requested by

Host: www.civildiscord.com
URL: https://www.civildiscord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38762364df172b96d1023a94c67dc19fb98818f6627f572fbd90f3f6f200011e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=604800
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 39800
cf-cache-status: HIT
content-length: 2532
x-xss-protection: 1; mode=block
x-request-id: a230a1a5c3ce064bd9cc474aa2a08c0d
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 18 May 2023 15:18:22 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7c98fea08d829000-FRA
expires: Mon, 16 May 2033 02:43:50 GMT

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/154732/a26229ddb892ebe98e78cf21ee491b39ceb964b7/original/img-7623.jpg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/ 136 KB
137 KB 81ms
10ms Image
image/webp 2600:9000:2057:c800:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/154732/a26229ddb892ebe98e78cf21ee491b39ceb964b7/original/img-7623.jpg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: www.civildiscord.com
URL: https://www.civildiscord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c800:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/8bd687f2 (2023-05-18) / Express
Resource Hash: 7646cb3e4be76d5743d9c7a8f466e26076e1c3f1176176b51e68cfd570a6b32e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:42:23 GMT
via: 1.1 fly.io, 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
fly-request-id: 01H0RY62R4KHE1BYJG9Q5J2ETJ-fra
server: Fly/8bd687f2 (2023-05-18)
x-amz-cf-pop: FRA6-C1
age: 87
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/154732/a26229ddb892ebe98e78cf21ee491b39ceb964b7/original/img-7623.jpg/!!/b:W1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/154732/a26229ddb892ebe98e78cf21ee491b39ceb964b7/original/img-7623.jpg","commands":[["resize",1800,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: SPljpB9dDmPDxiQNw_4WMafxhuY4DTX95OoEsxOyXAOb-BjgRedXow==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/154732/0e101a92c12fc8d9aab3ab1ba59d9fc0356f6cc9/original/llmf.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLG51bGwseyJ3aXRob3V0RW5sYXJnZW1lbnQiOnRydWUsImZpdCI6Im91dHNp... 8 KB
9 KB 38ms
8ms Image
image/webp 2600:9000:2057:c800:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/154732/0e101a92c12fc8d9aab3ab1ba59d9fc0356f6cc9/original/llmf.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLG51bGwseyJ3aXRob3V0RW5sYXJnZW1lbnQiOnRydWUsImZpdCI6Im91dHNpZGUifV1dXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: www.civildiscord.com
URL: https://www.civildiscord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c800:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/8bd687f2 (2023-05-18) / Express
Resource Hash: 67c38831e665f34ef78f62d248585feb24a87b5fa695493151a5255874c6a45b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:42:23 GMT
via: 1.1 fly.io, 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
fly-request-id: 01H0RY62QY3C1DH7HV9NFFQ6Z5-fra
server: Fly/8bd687f2 (2023-05-18)
x-amz-cf-pop: FRA6-C1
age: 87
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/154732/0e101a92c12fc8d9aab3ab1ba59d9fc0356f6cc9/original/llmf.jpg/!!/b:W1sicmVzaXplIixbMjAwLG51bGwseyJ3aXRob3V0RW5sYXJnZW1lbnQiOnRydWUsImZpdCI6Im91dHNpZGUifV1dXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/154732/0e101a92c12fc8d9aab3ab1ba59d9fc0356f6cc9/original/llmf.jpg","commands":[["resize",[200,null,{"withoutEnlargement":true,"fit":"outside"}],null,{}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: LvUM_WPOAYXK8PLWbQ2aWJKbBUOeIY2WR_1hCkDmUmfeKiCYOUhchg==

GET
H2 200 usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css
assets-app-production-pubnet.bndzgl.com/assets/ 67 B
201 B 11ms
11ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css

Requested by

Host: www.civildiscord.com
URL: https://www.civildiscord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=604800
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 39800
cf-cache-status: HIT
content-length: 81
x-xss-protection: 1; mode=block
x-request-id: 6c52f07d61f701dfe8aeec5925510a54
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 09 May 2023 18:15:45 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7c98fea10dac9000-FRA
expires: Mon, 16 May 2033 02:43:50 GMT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 jXatEiORJTc Show response
www.youtube.com/embed/ Frame CF14 73 KB
31 KB 91ms
62ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1

Requested by

Host: www.civildiscord.com
URL: https://www.civildiscord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6509737cfa14b231002efc712350b3254414153bb4e17984e67aa0e0c44dd5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.civildiscord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-yxz31oZ1gftMkWt9jGS6sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 02:43:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/154732/c31a452207bc755ab9445bdb8c3e99c5d7861ba6/original/photo-2.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLG51bGwseyJ3aXRob3V0RW5sYXJnZW1lbnQiOnRydWUsImZpdCI6Im91d... 7 KB
8 KB 43ms
22ms Image
image/webp 2600:9000:2057:c800:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/154732/c31a452207bc755ab9445bdb8c3e99c5d7861ba6/original/photo-2.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLG51bGwseyJ3aXRob3V0RW5sYXJnZW1lbnQiOnRydWUsImZpdCI6Im91dHNpZGUifV1dXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: www.civildiscord.com
URL: https://www.civildiscord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c800:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/8bd687f2 (2023-05-18) / Express
Resource Hash: 575c6812e621564970e54b9ccb414b3c2096ec85011cdf4f541374e4afc92adb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:42:23 GMT
via: 1.1 fly.io, 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
fly-request-id: 01H0RY62R5D308RTZVQHRA2H9J-fra
server: Fly/8bd687f2 (2023-05-18)
x-amz-cf-pop: FRA6-C1
age: 87
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/154732/c31a452207bc755ab9445bdb8c3e99c5d7861ba6/original/photo-2.jpg/!!/b:W1sicmVzaXplIixbMjAwLG51bGwseyJ3aXRob3V0RW5sYXJnZW1lbnQiOnRydWUsImZpdCI6Im91dHNpZGUifV1dXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/154732/c31a452207bc755ab9445bdb8c3e99c5d7861ba6/original/photo-2.jpg","commands":[["resize",[200,null,{"withoutEnlargement":true,"fit":"outside"}],null,{}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: Gd_ez9efuLeTPdw-n1-ugOuowZyxHwuhvRqJ_n1crMlW0FycFGfheA==

GET
H2 200 stats.js Show response
stats.zoogletools.net/ 2 KB
1 KB 131ms
98ms Script
application/javascript 2a09:8280:1::a:6d46
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.zoogletools.net/stats.js?v=1
Requested by: Host: www.civildiscord.com
URL: https://www.civildiscord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/8bd687f2 (2023-05-18) /
Resource Hash: 061c461be655d95421747b6d56b14bb0c3e2bd5cf973211c8632d80472069dc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Tue, 02 May 2023 13:21:35 GMT
server: Fly/8bd687f2 (2023-05-18)
fly-request-id: 01H0RY8R6NMEBFDXBFQEV07RC3-fra
etag: W/"6b7-64510e5f.0"
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
fly-cache-status: HIT
accept-ranges: bytes

GET
H/1.1 200
OK 203-content-light.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/161/a/ 33 KB
33 KB 379ms
127ms Image
image/png 52.95.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/161/a/203-content-light.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/style-203-78979b70.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.147.120 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 32c9b7f3189b543a5ccc8feda14470d6e79c2af689b80e1dceb20484aefe28d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-app-production-pubnet.bndzgl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 02:43:51 GMT
x-amz-version-id: QHMsj6DXyRorCo_LwMulNSndGbHoTM5x
Last-Modified: Mon, 03 Oct 2022 16:18:13 GMT
Server: AmazonS3
x-amz-request-id: JKGYAZ29X04XBXEM
ETag: "16d16face5f3eef7825034ae5b858548"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 33674
x-amz-id-2: NIK6kBVuTAHu2dlVympVoShy2hud7oaUK2Ztq/5UbhR/01QjCJAiJ6fP/f+inOmMxZUSONUtPJQ=

GET
H/1.1 200
OK column-border.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/161/a/ 1 KB
2 KB 395ms
136ms Image
image/png 52.95.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/161/a/column-border.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/style-203-78979b70.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.147.120 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9e94a76672babc2bcb9fe570697c9b9d91a31f4a1da1ef25c86e9a00d5e87649

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-app-production-pubnet.bndzgl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 02:43:51 GMT
x-amz-version-id: haHaOdkyp0e.8k3xoyxbO3QUC5T.3edb
Last-Modified: Mon, 03 Oct 2022 16:18:13 GMT
Server: AmazonS3
x-amz-request-id: JKGMK0PV3ATQG3WX
ETag: "d78662e029815245d7554f2facd4198e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1427
x-amz-id-2: y4Ryt/arJIx6Fl+OJvAFvKf5pb2kFN/XM87E52JhA46/BeldrJlPjA0RzWDI6GSGpKlPuK1GiY4=

GET
H/1.1 200
OK subtitle-border.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/161/a/ 589 B
997 B 393ms
134ms Image
image/png 52.95.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/161/a/subtitle-border.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/style-203-78979b70.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.147.120 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: acb1578d047588f340e8e7d3137b9a99e092f036f02b9ded138cf0c5b4db9ec6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-app-production-pubnet.bndzgl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 02:43:51 GMT
x-amz-version-id: TEjjgPXjlwYuwBN1eGiZS5iopso32ewJ
Last-Modified: Mon, 03 Oct 2022 16:18:13 GMT
Server: AmazonS3
x-amz-request-id: JKGVEG06DTBTHHM2
ETag: "fe775a62676c6af4c0b736f30b38a11c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 589
x-amz-id-2: TA02WnSEq/pqWGfEASRxp8chPb72tKgm6VEmHsABlQjlthi7SHqWf8RY1nUz9kAMIt0FQQOXy/M=

GET
H2 200 Amerika.woff2
d2tqm71z2plwas.cloudfront.net/stock/Amerika/regular/ 19 KB
19 KB 22ms
8ms Font
application/octet-stream 2600:9000:223d:2e00:7:2081:f100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tqm71z2plwas.cloudfront.net/stock/Amerika/regular/Amerika.woff2
Requested by: Host: d2tqm71z2plwas.cloudfront.net
URL: https://d2tqm71z2plwas.cloudfront.net/stock/Amerika/regular/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:7:2081:f100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb5c0828eb2a62f706751cd362c28a0c210fe5da2e67fe459481111befdb02d2

Request headers

Referer: https://d2tqm71z2plwas.cloudfront.net/stock/Amerika/regular/stylesheet.css
Origin: https://www.civildiscord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:44:46 GMT
via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 16371
x-cache: Hit from cloudfront
content-length: 19136
last-modified: Mon, 13 Feb 2017 19:50:36 GMT
server: AmazonS3
etag: "b69809db59aaf2dc4680cb7234bca358"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: VbjGWOC0Ix1VJ1I6r936PBqSXu2dI_FN1ZwFk9iyFsZK_JYyrWC-rQ==

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
19 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.civildiscord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 02:17:51 GMT
x-content-type-options: nosniff
age: 519959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 02:17:51 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
18 KB 32ms
10ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af5a9628858b383c6257068c476c25b5a8a6421b686a349a828c47f526e7f877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.civildiscord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 21:57:18 GMT
x-content-type-options: nosniff
age: 535592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18628
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 21:57:18 GMT

GET
H2 200 font-icons-027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5.woff
assets-app-production-pubnet.bndzgl.com/assets/ 33 KB
18 KB 183ms
168ms Font
application/font-woff 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/font-icons-027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5.woff

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-c9607fc94ba0467494daefdd9daf611d51f6028ba89aa82aa480d608ed9e655f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-c9607fc94ba0467494daefdd9daf611d51f6028ba89aa82aa480d608ed9e655f.css
Origin: https://www.civildiscord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1; mode=block
x-request-id: b9ebf2cab1efdc329983151667120062
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 09 May 2023 18:15:44 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7c98fea14a7130e7-FRA
expires: Mon, 16 May 2033 02:43:50 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 241-56e1cae0a4498aa9ea19.chunk.js Show response
www.civildiscord.com/packs/js/ 107 KB
21 KB 138ms
138ms Script
application/javascript 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.civildiscord.com/packs/js/241-56e1cae0a4498aa9ea19.chunk.js

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-ef93fddaedc0ccec5ef1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

67e308af4f4c4951f49da13664dd02ba87ddc249dd5d3f6acb17d9a2075c08fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
content-length: 21371
x-xss-protection: 1; mode=block
x-request-id: abdaf1eb49b1b235710513438b4cd16d
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 18 May 2023 15:18:23 GMT
server: openresty
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 232-563a9196080dc255f821.chunk.js Show response
www.civildiscord.com/packs/js/ 64 KB
14 KB 111ms
111ms Script
application/javascript 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.civildiscord.com/packs/js/232-563a9196080dc255f821.chunk.js

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-ef93fddaedc0ccec5ef1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

80206ec9f0673f1fc9add53648b98cb6f1e154b41ed448de0adba6b5f80460c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
content-length: 13763
x-xss-protection: 1; mode=block
x-request-id: 35aa172c2a656ae840a214de45f697ac
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 18 May 2023 15:18:23 GMT
server: openresty
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 237-8d1eb7050f50d5d60f5f.chunk.js Show response
www.civildiscord.com/packs/js/ 486 B
846 B 110ms
110ms Script
application/javascript 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.civildiscord.com/packs/js/237-8d1eb7050f50d5d60f5f.chunk.js

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-ef93fddaedc0ccec5ef1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

f39cee2d0470c4a96bd2af23a16b31ff28afe5ffa7fc612fff1d0a656868d61e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
content-length: 298
x-xss-protection: 1; mode=block
x-request-id: c4d2da7357a7b70834bb6bfb037c0fa9
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 18 May 2023 15:18:23 GMT
server: openresty
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 badge Show response
www.civildiscord.com/api/cart/ 1 KB
1 KB 207ms
207ms Fetch
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.civildiscord.com/api/cart/badge

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-ef93fddaedc0ccec5ef1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

9f13c6c11cc317009455316149f36f444245b2579388b32f7340b360c1460d29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.civildiscord.com/
X-CSRF-Token: pzisyMqNwOxo25/Epsglx5awV48FyzjcsE7j0eBSSPwi8y0a3Yh4Cd3afS09YAtdW9q0aGHiyUr42wA5wEBy6Q==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/html

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e40f4bdb7f32265a3a7a9493167a52b9, e40f4bdb7f32265a3a7a9493167a52b9
pragma: no-cache
x-runtime: 0.037841
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: openresty
etag: W/"9f13c6c11cc317009455316149f36f44"
x-download-options: noopen
vary: Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: no-store
x-robots-tag: noindex
x-rack-cache: miss
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-ef93fddaedc0ccec5ef1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4224d471edc72691f61ccdea6f21ca994645142551cf49992b179028b59e8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-W70hRgcIRzTjClyIIVQ1GQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 19 May 2023 02:43:50 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 910 B
902 B 124ms
23ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=onCaptchaLoaded

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-ef93fddaedc0ccec5ef1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2bbb25c92ed1583902aa2b079c49fc6f222d6aefc3384f8824231fc6d0fa9ed2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 582
x-xss-protection: 1; mode=block
expires: Fri, 19 May 2023 02:43:50 GMT

GET
H2 200 profile Show response
www.civildiscord.com/go/member/ 17 B
588 B 291ms
290ms Fetch
application/json 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.civildiscord.com/go/member/profile

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-ef93fddaedc0ccec5ef1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.civildiscord.com/
X-CSRF-Token: pzisyMqNwOxo25/Epsglx5awV48FyzjcsE7j0eBSSPwi8y0a3Yh4Cd3afS09YAtdW9q0aGHiyUr42wA5wEBy6Q==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/json

Response headers

date: Fri, 19 May 2023 02:43:50 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
content-length: 17
x-xss-protection: 1; mode=block
x-request-id: 9015b1a4804b7e90c32ed40cb637d34e, 9015b1a4804b7e90c32ed40cb637d34e
pragma: no-cache
x-runtime: 0.095894
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: openresty
etag: W/"06e5f7e2d702e0110271dd33c198e1f3"
x-download-options: noopen
vary: Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
cache-control: no-store
x-robots-tag: noindex
x-rack-cache: miss
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visits
stats.zoogletools.net/ 0
0 321ms
320ms Fetch
application/json 2a09:8280:1::a:6d46
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.zoogletools.net/visits

Requested by

Host: stats.zoogletools.net
URL: https://stats.zoogletools.net/stats.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/8bd687f2 (2023-05-18) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.civildiscord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 May 2023 02:43:51 GMT
via: 2 fly.io
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: c7f16270-a0be-4817-9461-944354ef29c4
x-runtime: 0.219093
referrer-policy: strict-origin-when-cross-origin
fly-request-id: 01H0RY8RDX3YTYAB1S4C9Y22NC-fra
server: Fly/8bd687f2 (2023-05-18)
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache
content-type: application/json; charset=utf-8
vary: Origin

OPTIONS
H2 200 visits
stats.zoogletools.net/ Frame 0
0 113ms
99ms Preflight 2a09:8280:1::a:6d46
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.zoogletools.net/visits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/8bd687f2 (2023-05-18) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.civildiscord.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-length: 0
date: Fri, 19 May 2023 02:43:50 GMT
fly-request-id: 01H0RY8RATFBZ570XM9ZZ852QW-fra
server: Fly/8bd687f2 (2023-05-18)
via: 2 fly.io

GET
H3 200 www-player.css
www.youtube.com/s/player/90a441fd/ Frame CF14 405 KB
48 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271487e1c6e4fe65588fe855f58dbd4005b5d1c60620487e28f009a20d69b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48637
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 May 2024 02:43:16 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/90a441fd/www-embed-player.vflset/ Frame CF14 306 KB
92 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

002cead02c391d10051d6534d57766dec9d645e09a6b59f34926b6080c9adb83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93933
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 May 2024 02:21:59 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/ Frame CF14 2 MB
740 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fcee9385106427a0947b47dcdc6638d1a25b63f2d3c7d132c348e66dccb4b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 15:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 757266
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 May 2024 15:14:05 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/90a441fd/fetch-polyfill.vflset/ Frame CF14 9 KB
3 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2604
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 May 2024 02:24:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF14 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 443715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 23:28:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF14 15 KB
15 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 464165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:47:45 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/90a441fd/www-widgetapi.vflset/ 198 KB
61 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a6b5536959f7c6aa8d010c485dbe71a7584955ddad8fc81633825c84425f3ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.civildiscord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 01:24:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62727
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 May 2024 01:24:24 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ 411 KB
165 KB 42ms
6ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=onCaptchaLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a8245841873c52eb3bba8b64194da020ec0defb4f74b26f459e7e30afde8be0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.civildiscord.com/
Origin: https://www.civildiscord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 16:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168410
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 16:30:12 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5C5F 51 KB
28 KB 30ms
29ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly93d3cuY2l2aWxkaXNjb3JkLmNvbTo0NDM.&hl=de&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=ezeo7s661quk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e95ff7eb360381d6268ad485681d835a13ed11813214b1e99d83212bb107ab0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KFADmkXZ41qnutjF_pFI2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.civildiscord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28359
content-security-policy: script-src 'report-sample' 'nonce-KFADmkXZ41qnutjF_pFI2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 02:43:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CF14
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

15ms
15ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d985c3c0a46f22c12ddc4c26e077831b7760ae99fb309f3e2871b24121cb8db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 May 2023 02:43:51 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CF14 29 B
495 B 44ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:37:07 GMT
x-content-type-options: nosniff
age: 404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 02:52:07 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 35ms
14ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 19 May 2023 02:43:51 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CF14 67 KB
31 KB 22ms
21ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

977d3feea00a29147c112b222c527e40e81c5a0be56a41b06b9b1875e4a1ead7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 19 May 2023 02:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31382
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/ Frame CF14 116 KB
33 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a67d91294fefed7bff63e213bee679dcf1cf7a06113378ff9057d95d650ec54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 23:03:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 272420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33608
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 May 2024 23:03:31 GMT

GET
H3 200 fcStgh4smOfAMc9IDeSBs19kD1Z1p72kXSRQ46_CmJQ.js Show response
www.google.com/js/th/ Frame CF14 37 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/fcStgh4smOfAMc9IDeSBs19kD1Z1p72kXSRQ46_CmJQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc4ad821e2c98e7c031cf480de481b35f640f5675a7bda45d2450e3afc29894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 14 May 2023 01:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 438215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14683
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 May 2024 01:00:16 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/jXatEiORJTc/ Frame CF14 40 KB
41 KB 35ms
7ms Image
image/webp 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/jXatEiORJTc/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e94453fb039ebf2606cc5ad733a01206757bcbb26f95ead0bfcb261518481aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:42:46 GMT
x-content-type-options: nosniff
age: 65
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41202
x-xss-protection: 0
server: sffe
etag: "1536112195"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 04:42:46 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/ Frame CF14 29 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40488823bd3cf755729a7b5fc0f195e6ea5fb0556a6cc79d22b431e9d2328e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 00:15:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 May 2024 00:15:04 GMT

GET
DATA 200
OK truncated
/ Frame CF14 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGIKgqP6s47HI3zdUOdyNAfhXUzXoW9gCbRpOyHawFFd=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CF14 1 KB
2 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AGIKgqP6s47HI3zdUOdyNAfhXUzXoW9gCbRpOyHawFFd=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5bea723e30d10537e64f5ce222be2c5329ccaf9ad877d8132b208a1c21fc43a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:42:46 GMT
x-content-type-options: nosniff
age: 65
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1350
x-xss-protection: 0
server: fife
etag: "v5b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 20 May 2023 02:42:46 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame 5C5F 55 KB
24 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly93d3cuY2l2aWxkaXNjb3JkLmNvbTo0NDM.&hl=de&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=ezeo7s661quk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 May 2024 23:33:11 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame 5C5F 411 KB
165 KB 24ms
10ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a8245841873c52eb3bba8b64194da020ec0defb4f74b26f459e7e30afde8be0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 16:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168410
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 16:30:12 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 19 May 2023 02:43:51 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CF14 90 B
134 B 19ms
18ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a7fbd3d34845483a58318b5d63a5a15a59532cf1c31a210d25959adc7db3343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 19 May 2023 02:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CF14 4 KB
2 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 May 2023 02:43:51 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5C5F 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=FFtxPnbuZxq6kkeHkQJR2MNQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a24ab9b0bb21eee7f3f98f27fe80ea1e446e36acbe50b693188371d4d203563

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly93d3cuY2l2aWxkaXNjb3JkLmNvbTo0NDM.&hl=de&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=ezeo7s661quk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 19 May 2023 02:43:51 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame CF14 0
10 B 9ms
7ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Fn_nPg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/113/ Frame CF14 51 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/113/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 11:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15228
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 15:06:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 19 May 2023 11:49:17 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 7963 7 KB
1 KB 20ms
20ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

41d1264ed29746ecdeec1defbd794d68f286cb3263bf5aee425aa07b0fba204e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M0jMoB7tKk1jiHWMTJ4xlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.civildiscord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1155
content-security-policy: script-src 'report-sample' 'nonce-M0jMoB7tKk1jiHWMTJ4xlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 02:43:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame 7963 55 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 May 2024 23:33:11 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame 7963 411 KB
165 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a8245841873c52eb3bba8b64194da020ec0defb4f74b26f459e7e30afde8be0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 16:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168410
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 16:30:12 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 7963 41 KB
25 KB 54ms
53ms XHR
application/json 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bf4885a8584107d2a1edb6bd16224365d6b14b637d993fa008570ca4a833f7b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 19 May 2023 02:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25120
x-xss-protection: 1; mode=block
expires: Fri, 19 May 2023 02:43:51 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7963 600 B
624 B 7ms
6ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 03:01:22 GMT
x-content-type-options: nosniff
age: 603749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 19 May 2023 03:01:22 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7963 530 B
554 B 8ms
7ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:31:39 GMT
x-content-type-options: nosniff
age: 461532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 20 May 2023 18:31:39 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7963 665 B
689 B 8ms
8ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:30:32 GMT
x-content-type-options: nosniff
age: 465199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 20 May 2023 17:30:32 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7963 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 443716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 23:28:35 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7963 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 03:41:14 GMT
x-content-type-options: nosniff
age: 601357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 03:41:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7963 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 464166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:47:45 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 7963 34 KB
34 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AL8dmw-hT0dAXV9dVPUciYvikVjSr7RqvpSK3jVqDPcv1XQD-bzMrKywFXQISzjzFx3TqTTYi9lWqJ5frArRqVbTZhr_Df1Pvsxrf_jVWHh_5bS682SkJVUSBLJw8dTzP-3QlXukexGcgPoqh8mcv6nMXbF6k8DmA6b7PasLTwqlBQCsE61QRh8UCffeVhtFCi2_XuzKfAsMEjsKqgzW5CYmYU7WVtBr5mGOduliNjVbNjtBpa6NbXE&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d6bde223b9b8da6a9bb8ba7c8924700033dc993a326bcb69858bf480ca02e87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:43:51 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34848
x-xss-protection: 1; mode=block
expires: Fri, 19 May 2023 02:43:51 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CF14 28 B
54 B 20ms
20ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-Goog-Request-Time: 1684464233017
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jXatEiORJTc?rel=0&wmode=transparent&enablejsapi=1
X-YouTube-Client-Version: 1.20230514.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtMLWlwYUtuMnNrayjmxJujBg%3D%3D
X-YouTube-Ad-Signals: dt=1684464230840&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C584%2C328&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 19 May 2023 02:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 19 May 2023 02:43:53 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 16:13:36	Name: _GRECAPTCHA Value: 09AAldklNFh68HHrUoSppivvGZb39jZErKKqqeDObOsIxL2S5h_8wfliwTd8cS0MoxPFZU92uNZCnRenHk7USjpFM
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 4is2TSbO4f0
.youtube.com/	1970-01-20 16:13:36	Name: VISITOR_INFO1_LIVE Value: L-ipaKn2skk
www.civildiscord.com/	1969-12-31 23:59:59	Name: guid Value: ce67871d-7b31-49e0-997f-d555ee0118b8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-app-production-pubnet.bndzgl.com
d10j3mvrs1suex.cloudfront.net
d2tqm71z2plwas.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
static.doubleclick.net
stats.zoogletools.net
www.civildiscord.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
zglseed.s3.ca-central-1.amazonaws.com
2600:9000:2057:c800:7:56a2:7e40:21
2600:9000:223d:2e00:7:2081:f100:21
2606:4700:90:0:3626:d0ff:6957:de1
2606:4700::6812:12d7
2a00:1450:4001:801::2003
2a00:1450:4001:802::2004
2a00:1450:4001:80b::2016
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2006
2a09:8280:1::a:6d46
52.95.147.120
002cead02c391d10051d6534d57766dec9d645e09a6b59f34926b6080c9adb83
027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5
061c461be655d95421747b6d56b14bb0c3e2bd5cf973211c8632d80472069dc7
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
0fcee9385106427a0947b47dcdc6638d1a25b63f2d3c7d132c348e66dccb4b0d
1a67d91294fefed7bff63e213bee679dcf1cf7a06113378ff9057d95d650ec54
1dd83ca6550e2cd952fdde7d7ca545b179344de11a4d79bcd767a0dd440234b2
1e94453fb039ebf2606cc5ad733a01206757bcbb26f95ead0bfcb261518481aa
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
2bbb25c92ed1583902aa2b079c49fc6f222d6aefc3384f8824231fc6d0fa9ed2
32c9b7f3189b543a5ccc8feda14470d6e79c2af689b80e1dceb20484aefe28d2
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
38762364df172b96d1023a94c67dc19fb98818f6627f572fbd90f3f6f200011e
3a7fbd3d34845483a58318b5d63a5a15a59532cf1c31a210d25959adc7db3343
3a8245841873c52eb3bba8b64194da020ec0defb4f74b26f459e7e30afde8be0
3dd1c1c0bec6c3706dfc8e83416f8de11facb1659e88c10c9b50081e759fce71
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40488823bd3cf755729a7b5fc0f195e6ea5fb0556a6cc79d22b431e9d2328e91
41d1264ed29746ecdeec1defbd794d68f286cb3263bf5aee425aa07b0fba204e
4224d471edc72691f61ccdea6f21ca994645142551cf49992b179028b59e8f2a
4271487e1c6e4fe65588fe855f58dbd4005b5d1c60620487e28f009a20d69b72
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4d6bde223b9b8da6a9bb8ba7c8924700033dc993a326bcb69858bf480ca02e87
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
575c6812e621564970e54b9ccb414b3c2096ec85011cdf4f541374e4afc92adb
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bea723e30d10537e64f5ce222be2c5329ccaf9ad877d8132b208a1c21fc43a3
5d985c3c0a46f22c12ddc4c26e077831b7760ae99fb309f3e2871b24121cb8db
6509737cfa14b231002efc712350b3254414153bb4e17984e67aa0e0c44dd5e2
67c38831e665f34ef78f62d248585feb24a87b5fa695493151a5255874c6a45b
67e308af4f4c4951f49da13664dd02ba87ddc249dd5d3f6acb17d9a2075c08fc
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a6b5536959f7c6aa8d010c485dbe71a7584955ddad8fc81633825c84425f3ac
7646cb3e4be76d5743d9c7a8f466e26076e1c3f1176176b51e68cfd570a6b32e
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7dc4ad821e2c98e7c031cf480de481b35f640f5675a7bda45d2450e3afc29894
80206ec9f0673f1fc9add53648b98cb6f1e154b41ed448de0adba6b5f80460c7
898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8e95ff7eb360381d6268ad485681d835a13ed11813214b1e99d83212bb107ab0
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
977d3feea00a29147c112b222c527e40e81c5a0be56a41b06b9b1875e4a1ead7
9a24ab9b0bb21eee7f3f98f27fe80ea1e446e36acbe50b693188371d4d203563
9e94a76672babc2bcb9fe570697c9b9d91a31f4a1da1ef25c86e9a00d5e87649
9f13c6c11cc317009455316149f36f444245b2579388b32f7340b360c1460d29
acb1578d047588f340e8e7d3137b9a99e092f036f02b9ded138cf0c5b4db9ec6
af5a9628858b383c6257068c476c25b5a8a6421b686a349a828c47f526e7f877
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bf4885a8584107d2a1edb6bd16224365d6b14b637d993fa008570ca4a833f7b2
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9607fc94ba0467494daefdd9daf611d51f6028ba89aa82aa480d608ed9e655f
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e2bcbb026e254fd21b22135d406707b25f23a53066739f3398cbfa04373af8bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64f46290ced6b14c45a7a1ccd110021d8a7fb539aff9cd38913a8bbdc3b360d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39cee2d0470c4a96bd2af23a16b31ff28afe5ffa7fc612fff1d0a656868d61e
f661fdd374850dda15c1c8a8db4e5e42e905cbc815c5c0338bb4ccbdc05caa5b
fb5c0828eb2a62f706751cd362c28a0c210fe5da2e67fe459481111befdb02d2
fd5b19bbdef0ce2a878212bc04f232c0e4728e9160d56972d9fa4b193e45be38

www.civildiscord.com Open in urlscan Pro 2606:4700:90:0:3626:d0ff:6957:de1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

94 %IPv6

12 Domains

16 Subdomains

17 IPs

3 Countries

2407 kBTransfer

6916 kBSize

4 Cookies

44 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.civildiscord.com Open in urlscan Pro
2606:4700:90:0:3626:d0ff:6957:de1 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

94 %
IPv6

12
Domains

16
Subdomains

17
IPs

3
Countries

2407 kB
Transfer

6916 kB
Size

4
Cookies

69 HTTP transactions
6 data transactions