darkmoonlylyth.com Open in urlscan Pro
2606:4700:90:0:3626:d0ff:6957:de1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lunarwitchery.com/
Effective URL:
https://darkmoonlylyth.com/
Submission Tags: phishingrod
Submission: On October 12 via api (October 12th 2023, 11:09:41 am UTC) from DE — Scanned from DE

Summary HTTP 47 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 47 HTTP transactions. The main IP is 2606:4700:90:0:3626:d0ff:6957:de1, located in United States and belongs to CLOUDFLARENET, US. The main domain is darkmoonlylyth.com.
TLS certificate: Issued by R3 on October 2nd 2023. Valid for: 3 months.

This is the only time darkmoonlylyth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	173.236.152.95 173.236.152.95	26347 (DREAMHOST-AS) (DREAMHOST-AS)
6	2606:4700:90:... 2606:4700:90:0:3626:d0ff:6957:de1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700::68... 2606:4700::6812:12d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223d:2000:7:2081:f100:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:a00:7:56a2:7e40:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2a09:8280:1::... 2a09:8280:1::a:6d46	40509 (FLY) (FLY)
6	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
47	12

2 173.236.152.95 (United States) 2 redirects

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-dap.bofur.dreamhost.com

lunarwitchery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lunarwitchery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:90:0:3626:d0ff:6957:de1 (United States)

ASN13335 (CLOUDFLARENET, US)

darkmoonlylyth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:12d7 (United States)

ASN13335 (CLOUDFLARENET, US)

assets-app-production-pubnet.bndzgl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-production.bndzgl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:2000:7:2081:f100:21 (United States)

ASN16509 (AMAZON-02, US)

d2tqm71z2plwas.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:a00:7:56a2:7e40:21 (United States)

ASN16509 (AMAZON-02, US)

d10j3mvrs1suex.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a09:8280:1::a:6d46 (United States)

ASN40509 (FLY, US)

stats.zoogletools.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	bndzgl.com assets-app-production-pubnet.bndzgl.com — Cisco Umbrella Rank: 235389 assets-production.bndzgl.com — Cisco Umbrella Rank: 254933	375 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	656 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	120 KB
6	darkmoonlylyth.com darkmoonlylyth.com	51 KB
3	zoogletools.net stats.zoogletools.net — Cisco Umbrella Rank: 268172	1 KB
3	cloudfront.net d2tqm71z2plwas.cloudfront.net d10j3mvrs1suex.cloudfront.net	196 KB
2	lunarwitchery.com 2 redirects lunarwitchery.com www.lunarwitchery.com	178 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	256 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	79 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
47	10

	Domain	Requested by
8	www.gstatic.com	www.google.com www.gstatic.com
8	assets-production.bndzgl.com	darkmoonlylyth.com client assets-production.bndzgl.com
7	assets-app-production-pubnet.bndzgl.com	darkmoonlylyth.com assets-app-production-pubnet.bndzgl.com
6	www.google.com	assets-app-production-pubnet.bndzgl.com www.gstatic.com www.google.com
6	darkmoonlylyth.com	assets-app-production-pubnet.bndzgl.com
3	fonts.gstatic.com
3	stats.zoogletools.net	darkmoonlylyth.com stats.zoogletools.net
2	d2tqm71z2plwas.cloudfront.net	darkmoonlylyth.com d2tqm71z2plwas.cloudfront.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	darkmoonlylyth.com
1	d10j3mvrs1suex.cloudfront.net	darkmoonlylyth.com
1	fonts.googleapis.com	darkmoonlylyth.com
1	www.lunarwitchery.com	1 redirects
1	lunarwitchery.com	1 redirects
47	14

This site contains links to these domains. Also see Links.

Domain
queenofshadowsmusic.com
bandzoogle.com

Subject Issuer	Validity	Valid
darkmoonlylyth.com R3	`2023-10-02` - `2023-12-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-02` - `2024-04-01`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
stats.zoogletools.net R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://darkmoonlylyth.com/
Frame ID: 4520A66BCEBA47B8EB2B085F22AD51CD
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly9kYXJrbW9vbmx5bHl0aC5jb206NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=tih64i1shq1r
Frame ID: B904C9D57C336FEF38CC8859767C0679
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ
Frame ID: 553D3F2E6C25D99B7B2C022895FC6E06
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dark Moon Lylythnotes

Page URL History Show full URLs

https://lunarwitchery.com/ HTTP 301
https://www.lunarwitchery.com/ HTTP 302
https://darkmoonlylyth.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

47
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

14
Subdomains

12
IPs

2
Countries

1479 kB
Transfer

3657 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://queenofshadowsmusic.com/
Title: Visit Queen of Shadows website

Search URL Search Domain Scan URL

URL: https://bandzoogle.com/
Title: Powered by Bandzoogle

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lunarwitchery.com/ HTTP 301
https://www.lunarwitchery.com/ HTTP 302
https://darkmoonlylyth.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
darkmoonlylyth.com/
Redirect Chain

https://lunarwitchery.com/
https://www.lunarwitchery.com/
https://darkmoonlylyth.com/

55 KB
13 KB

454ms
217ms

Document
text/html

2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://darkmoonlylyth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

b7311c0ea1afccd493e970c542c42ec79cd4295d2fdb176038bcfc0450a38adf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1
cache-control: max-age=0, public, s-maxage=31556952
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Thu, 12 Oct 2023 11:09:35 GMT
etag: W/"d57ae84e644d3b1e94f1ed0a765a96cf"
last-modified: Mon, 02 Oct 2023 13:29:38 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
strict-transport-security: max-age=31556952
x-clacks-overhead: GNU Terry Pratchett
x-content-digest: 33c81497f7a5a5b790f7bcab7d402c5fe37fe7f8
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-rack-cache: fresh
x-request-id: c19ae566ab56c1dc219d18238f5abe0e 61d9c0238447c0df78bdbf93e004a973
x-runtime: 0.453184
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=600
content-length: 210
content-type: text/html; charset=iso-8859-1
date: Thu, 12 Oct 2023 11:09:34 GMT
expires: Thu, 12 Oct 2023 11:19:34 GMT
location: https://darkmoonlylyth.com
server: Apache

GET
H2 200 application-f90a1bdd311ca2955ee6a875e9a2452d7b76f4a7f2fa633ab188fda86e1db56e.css
assets-app-production-pubnet.bndzgl.com/assets/usersite/ 326 KB
46 KB 54ms
20ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-f90a1bdd311ca2955ee6a875e9a2452d7b76f4a7f2fa633ab188fda86e1db56e.css

Requested by

Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90a1bdd311ca2955ee6a875e9a2452d7b76f4a7f2fa633ab188fda86e1db56e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 242637
cf-cache-status: HIT
content-length: 46647
x-xss-protection: 1; mode=block
x-request-id: d7848a6f2c94d1d2e53f8d42e0710cde
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Fri, 06 Oct 2023 15:19:24 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 814ee437fb603836-FRA
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 beckett-9d2efb9b.css
assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/ 105 KB
11 KB 62ms
28ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/beckett-9d2efb9b.css

Requested by

Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

895f791bce8dfdce2d3e149aaa541506b291ddd4c78ff27fe108ff6aede7b160

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 1451204
cf-cache-status: HIT
content-length: 11019
x-xss-protection: 1; mode=block
x-request-id: 49aee0da168a511dafa1f10e0f94539e
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Sat, 23 Sep 2023 01:17:14 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 814ee437fb633836-FRA
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 stylesheet.css
d2tqm71z2plwas.cloudfront.net/user/14629/Valdemar/ 174 B
552 B 31ms
8ms Stylesheet
text/css 2600:9000:223d:2000:7:2081:f100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tqm71z2plwas.cloudfront.net/user/14629/Valdemar/stylesheet.css
Requested by: Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2000:7:2081:f100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba9b5754ec60f4815709a0c3010fe15b0fa399b3ec4c893ecaf069779df8349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 17:47:42 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Sat, 01 Feb 2020 06:53:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 62514
etag: "845d51d41062139d4b29c49e9a57f3f1"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public,max-age=31536000
content-disposition: attachment
accept-ranges: bytes
content-length: 174
x-amz-cf-id: jB92qZ3pun2vwe5T69OIFuesQwMOHVXRAIpiuYIy6xMDgLZ4Wc6ocg==

GET
H2 200 stylesheet.css
assets-production.bndzgl.com/assets/1de11f0e-d180-40d8-93b6-0ebeee26563e/ 210 B
781 B 49ms
15ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/1de11f0e-d180-40d8-93b6-0ebeee26563e/stylesheet.css

Requested by

Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c043cc6c78b872d106e3c48ef1bd455a5b730afcf93223e3a1e1f2fdb80f567a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1450156
content-encoding: gzip
content-transfer-encoding: binary
content-disposition: inline; filename="stylesheet.css"; filename*=UTF-8''stylesheet.css
x-xss-protection: 1; mode=block
x-request-id: ceb41b90e7b4651526a112904899bfaa, ceb41b90e7b4651526a112904899bfaa
pragma
x-runtime: 0.040398
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"c043cc6c78b872d106e3c48ef1bd455a"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 814ee437ff62196d-FRA
x-rack-cache: miss
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 stylesheet.css
assets-production.bndzgl.com/assets/077ed434-f2f6-442a-a79f-5fd1c5cdd751/ 211 B
279 B 51ms
17ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/077ed434-f2f6-442a-a79f-5fd1c5cdd751/stylesheet.css

Requested by

Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93bca455a5758f53f1b9bfea0fd65746a0f8254fe1ba46f7d5b62511c5bdb5a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 589574
content-encoding: gzip
content-transfer-encoding: binary
content-disposition: inline; filename="stylesheet.css"; filename*=UTF-8''stylesheet.css
x-xss-protection: 1; mode=block
x-request-id: fbac8e71e16921d938d9d74907e65be5, fbac8e71e16921d938d9d74907e65be5
pragma
x-runtime: 0.027577
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"93bca455a5758f53f1b9bfea0fd65746"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 814ee437ff65196d-FRA
x-rack-cache: miss
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 stylesheet.css
assets-production.bndzgl.com/assets/7a8dc529-7b48-461b-8f3a-66354a352f1a/ 206 B
281 B 52ms
19ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/7a8dc529-7b48-461b-8f3a-66354a352f1a/stylesheet.css

Requested by

Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e48a2672cb5266beece0f2fc103ffeb62e0e3167137753ed955c9c3bf63399

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1449859
content-encoding: gzip
content-transfer-encoding: binary
content-disposition: inline; filename="stylesheet.css"; filename*=UTF-8''stylesheet.css
x-xss-protection: 1; mode=block
x-request-id: 850ecec032c12d347eb36b5607eeccb2, 850ecec032c12d347eb36b5607eeccb2
pragma
x-runtime: 0.054600
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"c5e48a2672cb5266beece0f2fc103ffe"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 814ee437ff67196d-FRA
x-rack-cache: miss
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 stylesheet.css
assets-production.bndzgl.com/assets/f45cf24e-7f20-4712-a042-76ea95bc9f2d/ 213 B
282 B 51ms
18ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/f45cf24e-7f20-4712-a042-76ea95bc9f2d/stylesheet.css

Requested by

Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bdb58962c95fbdcd154a5087a1f755c35724838dc312de08aa37fa957697e07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1450257
content-encoding: gzip
content-transfer-encoding: binary
content-disposition: inline; filename="stylesheet.css"; filename*=UTF-8''stylesheet.css
x-xss-protection: 1; mode=block
x-request-id: ca284f4c491f832f77f049949afb2e7a, ca284f4c491f832f77f049949afb2e7a
pragma
x-runtime: 0.031126
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"9bdb58962c95fbdcd154a5087a1f755c"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 814ee437ff68196d-FRA
x-rack-cache: miss
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 54ms
21ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&display=swap

Requested by

Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b00efa918eda525e2cd62d1e21a4282198d274013783464b056f8ba93bc67a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Oct 2023 11:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 10:56:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Oct 2023 11:09:35 GMT

GET
H2 200 application-e6d8ee1891c05079210e009f63c027e5d7b42e338117f64781459f3480fd8ec1.js Show response
assets-app-production-pubnet.bndzgl.com/assets/usersite/ 389 KB
123 KB 58ms
25ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-e6d8ee1891c05079210e009f63c027e5d7b42e338117f64781459f3480fd8ec1.js

Requested by

Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6d8ee1891c05079210e009f63c027e5d7b42e338117f64781459f3480fd8ec1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 140453
cf-cache-status: HIT
content-length: 126009
x-xss-protection: 1; mode=block
x-request-id: 4d5a6e25d1751ca0afd2afce3e48a4cb
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 10 Oct 2023 14:28:50 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 814ee437fb673836-FRA
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 usersite-d348ce6fe2d048f4f27e.js Show response
assets-app-production-pubnet.bndzgl.com/packs/js/ 317 KB
68 KB 19ms
18ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-d348ce6fe2d048f4f27e.js

Requested by

Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8e3e17a190ac10b2be9434b224031bea3a335441233e906968545c961daf7a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 851636
cf-cache-status: HIT
content-length: 69129
x-xss-protection: 1; mode=block
x-request-id: cf7607a7e32a81771ad6ab2a6e5eaa3d
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 02 Oct 2023 14:22:03 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 814ee4384bd43836-FRA
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 usersite-eb0ed5fd.css
assets-app-production-pubnet.bndzgl.com/packs/css/ 12 KB
3 KB 57ms
24ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite-eb0ed5fd.css

Requested by

Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38762364df172b96d1023a94c67dc19fb98818f6627f572fbd90f3f6f200011e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 1451276
cf-cache-status: HIT
content-length: 2532
x-xss-protection: 1; mode=block
x-request-id: f573ffb0f67fe626527c665a1648c03b
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Sat, 23 Sep 2023 01:17:14 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 814ee437fb663836-FRA
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/444287/086faf0a0d8f69658f4503b4e7a5e8ee9b8c3977/original/lady-raven-1400px-by-1400px-300dpi.jpg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/ 171 KB
172 KB 488ms
460ms Image
image/webp 2600:9000:2057:a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/444287/086faf0a0d8f69658f4503b4e7a5e8ee9b8c3977/original/lady-raven-1400px-by-1400px-300dpi.jpg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/55f8eaa0 (2023-10-09) / Express
Resource Hash: 297404e7563e446aa39610fa1dfb08f0b1f9f89c923db0e2f529cbb012a11b3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
via: 1.1 fly.io, 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
fly-request-id: 01HCHS7QJVMMR90ZB2C40RJXR6-fra
server: Fly/55f8eaa0 (2023-10-09)
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/444287/086faf0a0d8f69658f4503b4e7a5e8ee9b8c3977/original/lady-raven-1400px-by-1400px-300dpi.jpg/!!/b:W1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/444287/086faf0a0d8f69658f4503b4e7a5e8ee9b8c3977/original/lady-raven-1400px-by-1400px-300dpi.jpg","commands":[["resize",1800,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: WCh0A9mVMPCMXcykkcsZgygCDuwtoRq1A-yIJ6d3ZyscekJjODYS8Q==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 64ms
27ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3ETGR8YGCV

Requested by

Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f613f94ed2fff3f68517d30d8ede30f5ae0a803b3532b2b3e947c0344df7caa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 12 Oct 2023 11:09:35 GMT

GET
H2 200 stylesheet.css
assets-production.bndzgl.com/assets/11890b8b-09f4-4940-9160-af3f17d01095/ 255 B
293 B 52ms
19ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/11890b8b-09f4-4940-9160-af3f17d01095/stylesheet.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebed423add05b141c6b04da114159808afbd01118ecb7035206be3691425ecca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1446970
content-encoding: gzip
content-transfer-encoding: binary
content-disposition: inline; filename="stylesheet.css"; filename*=UTF-8''stylesheet.css
x-xss-protection: 1; mode=block
x-request-id: 3ff73176a15dcaf0a404941174c8219c, 3ff73176a15dcaf0a404941174c8219c
pragma
x-runtime: 0.035950
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"ebed423add05b141c6b04da114159808"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 814ee437ff69196d-FRA
x-rack-cache: miss
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css
assets-app-production-pubnet.bndzgl.com/assets/ 67 B
208 B 23ms
19ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css

Requested by

Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 1451275
cf-cache-status: HIT
content-length: 81
x-xss-protection: 1; mode=block
x-request-id: a536fda8dfe21d57bd78216d516e9fe6
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 20 Sep 2023 18:43:03 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 814ee438bc813836-FRA
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 Valdemar.woff2
d2tqm71z2plwas.cloudfront.net/user/14629/Valdemar/ 23 KB
23 KB 163ms
116ms Font
application/octet-stream 2600:9000:223d:2000:7:2081:f100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tqm71z2plwas.cloudfront.net/user/14629/Valdemar/Valdemar.woff2
Requested by: Host: d2tqm71z2plwas.cloudfront.net
URL: https://d2tqm71z2plwas.cloudfront.net/user/14629/Valdemar/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2000:7:2081:f100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e287e8d5b2c156ef9b09d0d2b01bd0e967889e845cf785d4b75567754c1f935

Request headers

Referer: https://d2tqm71z2plwas.cloudfront.net/user/14629/Valdemar/stylesheet.css
Origin: https://darkmoonlylyth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:36 GMT
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
last-modified: Sat, 01 Feb 2020 06:53:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: "66cb56d0c8d74376cb37490846b394f7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: public,max-age=31536000
content-disposition: attachment
accept-ranges: bytes
content-length: 23440
x-amz-cf-id: qluG-Z_SrKeTLNDMqAhwTYOeUereW1ufPMSxTWmxb6Asu8MaqyCPdA==

GET
H2 200 karla-regular.woff2
assets-production.bndzgl.com/assets/1de11f0e-d180-40d8-93b6-0ebeee26563e/ 20 KB
20 KB 177ms
131ms Font
font/woff2 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/1de11f0e-d180-40d8-93b6-0ebeee26563e/karla-regular.woff2

Requested by

Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/assets/1de11f0e-d180-40d8-93b6-0ebeee26563e/stylesheet.css#Karla-regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

186ef4aa26b1b33faf4df9deee73786d677074c6f5f8a47d92fa41633e23efaa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets-production.bndzgl.com/assets/1de11f0e-d180-40d8-93b6-0ebeee26563e/stylesheet.css
Origin: https://darkmoonlylyth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="karla-regular.woff2"; filename*=UTF-8''karla-regular.woff2
content-length: 20224
x-xss-protection: 1; mode=block
x-request-id: 11f487a2b539d8a266d9435b690d44c4, 11f487a2b539d8a266d9435b690d44c4
pragma
x-runtime: 0.012187
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"186ef4aa26b1b33faf4df9deee73786d"
x-download-options: noopen
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 814ee439184c5d80-FRA
x-rack-cache: miss
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 teko-regular.woff2
assets-production.bndzgl.com/assets/7a8dc529-7b48-461b-8f3a-66354a352f1a/ 42 KB
42 KB 218ms
173ms Font
font/woff2 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/7a8dc529-7b48-461b-8f3a-66354a352f1a/teko-regular.woff2

Requested by

Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/assets/7a8dc529-7b48-461b-8f3a-66354a352f1a/stylesheet.css#Teko-regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08bb8b88e3ab2bd1c96c40e58015a6951b761cbb2d4d53c778e699a37ce8f2a9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets-production.bndzgl.com/assets/7a8dc529-7b48-461b-8f3a-66354a352f1a/stylesheet.css
Origin: https://darkmoonlylyth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="teko-regular.woff2"; filename*=UTF-8''teko-regular.woff2
content-length: 43192
x-xss-protection: 1; mode=block
x-request-id: d64e73df9dcd2bd6240e82f056d346af, d64e73df9dcd2bd6240e82f056d346af
pragma
x-runtime: 0.011177
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"08bb8b88e3ab2bd1c96c40e58015a695"
x-download-options: noopen
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 814ee439184e5d80-FRA
x-rack-cache: miss
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 librebaskerville-regular.woff2
assets-production.bndzgl.com/assets/11890b8b-09f4-4940-9160-af3f17d01095/ 42 KB
42 KB 211ms
166ms Font
font/woff2 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/11890b8b-09f4-4940-9160-af3f17d01095/librebaskerville-regular.woff2

Requested by

Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/assets/11890b8b-09f4-4940-9160-af3f17d01095/stylesheet.css#Libre%20Baskerville-regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0a7c237929afee48e4b39facec535a4be2652213faad27f8eaf34cf0bd821b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets-production.bndzgl.com/assets/11890b8b-09f4-4940-9160-af3f17d01095/stylesheet.css
Origin: https://darkmoonlylyth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="librebaskerville-regular.woff2"; filename*=UTF-8''librebaskerville-regular.woff2
content-length: 42732
x-xss-protection: 1; mode=block
x-request-id: 143075fa85dfd6ecef2221f74059830f, 143075fa85dfd6ecef2221f74059830f
pragma
x-runtime: 0.015913
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"b0a7c237929afee48e4b39facec535a4"
x-download-options: noopen
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 814ee43918505d80-FRA
x-rack-cache: miss
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 stats.js Show response
stats.zoogletools.net/ 2 KB
1 KB 237ms
184ms Script
application/javascript 2a09:8280:1::a:6d46
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.zoogletools.net/stats.js?v=1
Requested by: Host: darkmoonlylyth.com
URL: https://darkmoonlylyth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/55f8eaa0 (2023-10-09) /
Resource Hash: 061c461be655d95421747b6d56b14bb0c3e2bd5cf973211c8632d80472069dc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Tue, 01 Aug 2023 12:20:29 GMT
server: Fly/55f8eaa0 (2023-10-09)
fly-request-id: 01HCHS7QYDXE6W737CE2ZA9853-ams
etag: W/"6b7-64c8f88d.0"
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
fly-cache-status: HIT
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 font-icons-027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5.woff
assets-app-production-pubnet.bndzgl.com/assets/ 33 KB
18 KB 50ms
17ms Font
application/font-woff 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/font-icons-027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5.woff

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-f90a1bdd311ca2955ee6a875e9a2452d7b76f4a7f2fa633ab188fda86e1db56e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-f90a1bdd311ca2955ee6a875e9a2452d7b76f4a7f2fa633ab188fda86e1db56e.css
Origin: https://darkmoonlylyth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 62514
content-encoding: gzip
x-xss-protection: 1; mode=block
x-request-id: 4fdcda5f227a4a39902f6f2374f30644
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 11 Oct 2023 08:34:55 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 814ee4392a8a9231-FRA
expires: Sun, 09 Oct 2033 11:09:35 GMT

GET
H2 200 244-41ca0c67881f09eac8ec.chunk.js Show response
darkmoonlylyth.com/packs/js/ 107 KB
21 KB 237ms
235ms Script
application/javascript 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://darkmoonlylyth.com/packs/js/244-41ca0c67881f09eac8ec.chunk.js

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-d348ce6fe2d048f4f27e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

5f4b0f1cab99f49cc6046c834d25e32f515cb0c61ea831c7100e03bbeab45022

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
content-length: 21373
x-xss-protection: 1; mode=block
x-request-id: 32b9678f21f43bcfcd07e59525f7f1f5
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 11 Oct 2023 19:55:00 GMT
server: openresty
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 234-c13e78baf713c40d87e5.chunk.js Show response
darkmoonlylyth.com/packs/js/ 64 KB
14 KB 222ms
221ms Script
application/javascript 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://darkmoonlylyth.com/packs/js/234-c13e78baf713c40d87e5.chunk.js

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-d348ce6fe2d048f4f27e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

8903700d566052e3e656bee481a0d378823cc594961a4b7a6b03a8a5312ee739

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
content-length: 13795
x-xss-protection: 1; mode=block
x-request-id: 2861c99bd6d2580246289ccdb332f234
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 11 Oct 2023 19:55:00 GMT
server: openresty
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 240-fbdd455d89fdb0983ca6.chunk.js Show response
darkmoonlylyth.com/packs/js/ 486 B
849 B 223ms
223ms Script
application/javascript 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://darkmoonlylyth.com/packs/js/240-fbdd455d89fdb0983ca6.chunk.js

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-d348ce6fe2d048f4f27e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

761a05101c46fd89e8faa0f0b4d5525d8b51023f6ffee2c30bb30103203da8d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
content-length: 299
x-xss-protection: 1; mode=block
x-request-id: 35078b9836103801dc13cccb61ddf144
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 11 Oct 2023 19:55:00 GMT
server: openresty
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=onCaptchaLoaded

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-d348ce6fe2d048f4f27e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

54d4b566915fc44ea3eec5c006c8897a41b3a47e7de7420cac0012261d1e2d27

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 12 Oct 2023 11:09:35 GMT

GET
H2 200 badge Show response
darkmoonlylyth.com/api/cart/ 1 KB
1 KB 215ms
214ms Fetch
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://darkmoonlylyth.com/api/cart/badge

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-d348ce6fe2d048f4f27e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

9f13c6c11cc317009455316149f36f444245b2579388b32f7340b360c1460d29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darkmoonlylyth.com/
X-CSRF-Token: d84s4PtL2+h3OV3UPNwmsgwHCwteIMfziT9e8dgK/NCqShW1Wn4ZdiPVqj66vEgcghpgFIAX4NgmTlBnFJyPyQ==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/html

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7103312182b132df6bec788c8e48884e, 7103312182b132df6bec788c8e48884e
pragma: no-cache
x-runtime: 0.050047
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: openresty
etag: W/"9f13c6c11cc317009455316149f36f44"
x-download-options: noopen
vary: Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: no-store
x-robots-tag: noindex
x-rack-cache: miss
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 profile Show response
darkmoonlylyth.com/go/member/ 17 B
588 B 211ms
209ms Fetch
application/json 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://darkmoonlylyth.com/go/member/profile

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-d348ce6fe2d048f4f27e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darkmoonlylyth.com/
X-CSRF-Token: d84s4PtL2+h3OV3UPNwmsgwHCwteIMfziT9e8dgK/NCqShW1Wn4ZdiPVqj66vEgcghpgFIAX4NgmTlBnFJyPyQ==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/json

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
content-length: 17
x-xss-protection: 1; mode=block
x-request-id: 0b07d300509cc3c9adbea1fc67af8c71, 0b07d300509cc3c9adbea1fc67af8c71
pragma: no-cache
x-runtime: 0.038541
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: openresty
etag: W/"06e5f7e2d702e0110271dd33c198e1f3"
x-download-options: noopen
vary: Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
cache-control: no-store
x-robots-tag: noindex
x-rack-cache: miss
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 44ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3ETGR8YGCV&gtm=45je3ab0&_p=1786211850&cid=319375958.1697108976&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dp=%2Fhome&sid=1697108975&sct=1&seg=0&dl=https%3A%2F%2Fdarkmoonlylyth.com%2F&dt=Dark%20Moon%20Lylyth&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ETGR8YGCV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkmoonlylyth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 11:09:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://darkmoonlylyth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ 466 KB
187 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=onCaptchaLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://darkmoonlylyth.com/
Origin: https://darkmoonlylyth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 08:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Oct 2024 08:30:57 GMT

POST
H2 200 visits
stats.zoogletools.net/ 0
0 202ms
202ms Fetch
application/json 2a09:8280:1::a:6d46
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.zoogletools.net/visits

Requested by

Host: stats.zoogletools.net
URL: https://stats.zoogletools.net/stats.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/55f8eaa0 (2023-10-09) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darkmoonlylyth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 12 Oct 2023 11:09:35 GMT
via: 2 fly.io
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 8cc34a47-2236-4c79-b86a-f5eb3bef6656
x-runtime: 0.101631
referrer-policy: strict-origin-when-cross-origin
fly-request-id: 01HCHS7R9BJV9RXKQCMEAS5XS6-ams
server: Fly/55f8eaa0 (2023-10-09)
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache
content-type: application/json; charset=utf-8
vary: Origin

OPTIONS
H2 200 visits
stats.zoogletools.net/ Frame 0
0 135ms
103ms Preflight 2a09:8280:1::a:6d46
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.zoogletools.net/visits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/55f8eaa0 (2023-10-09) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://darkmoonlylyth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-length: 0
date: Thu, 12 Oct 2023 11:09:35 GMT
fly-request-id: 01HCHS7R61ND30QF9WBMY0ATFZ-ams
server: Fly/55f8eaa0 (2023-10-09)
via: 2 fly.io

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B904 58 KB
33 KB 41ms
39ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly9kYXJrbW9vbmx5bHl0aC5jb206NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=tih64i1shq1r

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

07c5cb4e204537e49a3bde77e2a7081bde10dbb89222d7eef9705cd87ea28dc4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jchjUED1qstRWlilJiZOjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darkmoonlylyth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jchjUED1qstRWlilJiZOjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 11:09:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame B904 55 KB
24 KB 78ms
51ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly9kYXJrbW9vbmx5bHl0aC5jb206NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=tih64i1shq1r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 10:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Oct 2024 10:46:44 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame B904 466 KB
187 KB 82ms
55ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 08:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Oct 2024 08:30:57 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B904 102 B
135 B 16ms
16ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=lLirU0na9roYU3wDDisGJEVT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc8116624ca13ea4125db423b0f4bf7cd676ec017003da5be04f40b83e1b2cb6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly9kYXJrbW9vbmx5bHl0aC5jb206NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=tih64i1shq1r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 12 Oct 2023 11:09:36 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 553D 7 KB
1 KB 19ms
19ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

931dc8062e7da2180eeb76493dfe04a064689cdaa00774bbb6983cefbcbf5204

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-05zw3svno9wiHmyj5fwe0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darkmoonlylyth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-05zw3svno9wiHmyj5fwe0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 11:09:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 553D 55 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 10:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Oct 2024 10:46:44 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 553D 466 KB
187 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 08:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Oct 2024 08:30:57 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 553D 40 KB
24 KB 44ms
44ms XHR
application/json 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

750276f8aad92fa5f73ccb6d7b3b6fcae247eaf0bceb65e9e48652090083d153

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 12 Oct 2023 11:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 12 Oct 2023 11:09:36 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 553D 600 B
624 B 10ms
9ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 21:31:20 GMT
x-content-type-options: nosniff
age: 394696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 14 Oct 2023 21:31:20 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 553D 530 B
554 B 11ms
10ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 06:58:17 GMT
x-content-type-options: nosniff
age: 447079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 14 Oct 2023 06:58:17 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 553D 665 B
689 B 11ms
11ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:38:49 GMT
x-content-type-options: nosniff
age: 531047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 13 Oct 2023 07:38:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 553D 15 KB
16 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 461493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 553D 15 KB
15 KB 42ms
16ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 07:41:07 GMT
x-content-type-options: nosniff
age: 444509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 07:41:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 553D 15 KB
15 KB 35ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:06:30 GMT
x-content-type-options: nosniff
age: 579786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:06:30 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 553D 60 KB
60 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5Qa4_asQGuL0IK1VdluLudvA4YHtXuvGGauQjP_nkxOpPRod7eth4YP5Y48U8XJfG0EWz1tc1dcGNXZtYzBnniNhWURTXvhTJR6JyncMV7BqlAI8TAB01xpV4oqV1wBlcynvogSqYMyhj_DxnsuXpiJqs4HSENxV8iW6iS6D44Ec2TgBSuYxxqe8T3jsvJUkq3_TJ7HNeDxBpcMSMRiHLxYkcl3g&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4c1219d8d278c7c7e992edbd01b0e407e1c520fd4546a4666823be29e14ba881

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:09:36 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 12 Oct 2023 11:09:36 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 19:44:20	Name: _GRECAPTCHA Value: 09ANI2T2F0CMcojIvaNQykCN59P73I3Ni4dxYdLa6wt6YXHMNhn--hrgbaaUPSnrGvgL2mIEeD4VMttR4vpj5sjis
.darkmoonlylyth.com/	1970-01-21 01:01:08	Name: _ga_3ETGR8YGCV Value: GS1.1.1697108975.1.0.1697108975.0.0.0
.darkmoonlylyth.com/	1970-01-21 01:01:08	Name: _ga Value: GA1.1.319375958.1697108976
darkmoonlylyth.com/	1969-12-31 23:59:59	Name: guid Value: 4c2e3897-5dab-4bb3-af61-9fe0eb141222

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-app-production-pubnet.bndzgl.com
assets-production.bndzgl.com
d10j3mvrs1suex.cloudfront.net
d2tqm71z2plwas.cloudfront.net
darkmoonlylyth.com
fonts.googleapis.com
fonts.gstatic.com
lunarwitchery.com
region1.google-analytics.com
stats.zoogletools.net
www.google.com
www.googletagmanager.com
www.gstatic.com
www.lunarwitchery.com
173.236.152.95
2001:4860:4802:34::36
2600:9000:2057:a00:7:56a2:7e40:21
2600:9000:223d:2000:7:2081:f100:21
2606:4700:90:0:3626:d0ff:6957:de1
2606:4700::6812:12d7
2a00:1450:4001:806::2004
2a00:1450:4001:808::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2003
2a09:8280:1::a:6d46
027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5
061c461be655d95421747b6d56b14bb0c3e2bd5cf973211c8632d80472069dc7
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
07c5cb4e204537e49a3bde77e2a7081bde10dbb89222d7eef9705cd87ea28dc4
08bb8b88e3ab2bd1c96c40e58015a6951b761cbb2d4d53c778e699a37ce8f2a9
186ef4aa26b1b33faf4df9deee73786d677074c6f5f8a47d92fa41633e23efaa
1ba9b5754ec60f4815709a0c3010fe15b0fa399b3ec4c893ecaf069779df8349
297404e7563e446aa39610fa1dfb08f0b1f9f89c923db0e2f529cbb012a11b3b
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
38762364df172b96d1023a94c67dc19fb98818f6627f572fbd90f3f6f200011e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4c1219d8d278c7c7e992edbd01b0e407e1c520fd4546a4666823be29e14ba881
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
54d4b566915fc44ea3eec5c006c8897a41b3a47e7de7420cac0012261d1e2d27
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f4b0f1cab99f49cc6046c834d25e32f515cb0c61ea831c7100e03bbeab45022
750276f8aad92fa5f73ccb6d7b3b6fcae247eaf0bceb65e9e48652090083d153
761a05101c46fd89e8faa0f0b4d5525d8b51023f6ffee2c30bb30103203da8d9
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7e287e8d5b2c156ef9b09d0d2b01bd0e967889e845cf785d4b75567754c1f935
8903700d566052e3e656bee481a0d378823cc594961a4b7a6b03a8a5312ee739
895f791bce8dfdce2d3e149aaa541506b291ddd4c78ff27fe108ff6aede7b160
898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
931dc8062e7da2180eeb76493dfe04a064689cdaa00774bbb6983cefbcbf5204
93bca455a5758f53f1b9bfea0fd65746a0f8254fe1ba46f7d5b62511c5bdb5a2
9bdb58962c95fbdcd154a5087a1f755c35724838dc312de08aa37fa957697e07
9f13c6c11cc317009455316149f36f444245b2579388b32f7340b360c1460d29
b00efa918eda525e2cd62d1e21a4282198d274013783464b056f8ba93bc67a7d
b0a7c237929afee48e4b39facec535a4be2652213faad27f8eaf34cf0bd821b6
b7311c0ea1afccd493e970c542c42ec79cd4295d2fdb176038bcfc0450a38adf
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c043cc6c78b872d106e3c48ef1bd455a5b730afcf93223e3a1e1f2fdb80f567a
c5e48a2672cb5266beece0f2fc103ffeb62e0e3167137753ed955c9c3bf63399
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df
e6d8ee1891c05079210e009f63c027e5d7b42e338117f64781459f3480fd8ec1
e8e3e17a190ac10b2be9434b224031bea3a335441233e906968545c961daf7a8
ebed423add05b141c6b04da114159808afbd01118ecb7035206be3691425ecca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f613f94ed2fff3f68517d30d8ede30f5ae0a803b3532b2b3e947c0344df7caa9
f90a1bdd311ca2955ee6a875e9a2452d7b76f4a7f2fa633ab188fda86e1db56e
fc8116624ca13ea4125db423b0f4bf7cd676ec017003da5be04f40b83e1b2cb6

darkmoonlylyth.com Open in urlscan Pro 2606:4700:90:0:3626:d0ff:6957:de1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

92 %IPv6

10 Domains

14 Subdomains

12 IPs

2 Countries

1479 kBTransfer

3657 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

darkmoonlylyth.com Open in urlscan Pro
2606:4700:90:0:3626:d0ff:6957:de1 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

14
Subdomains

12
IPs

2
Countries

1479 kB
Transfer

3657 kB
Size

4
Cookies

47 HTTP transactions
5 data transactions