educationbluemoon.com Open in urlscan Pro
18.65.39.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://educationbluemoon.com/
Effective URL:
https://educationbluemoon.com/
Submission: On February 24 via api (February 24th 2024, 11:34:58 am UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 83 HTTP transactions. The main IP is 18.65.39.81, located in United States and belongs to AMAZON-02, US. The main domain is educationbluemoon.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 18th 2024. Valid for: a year.

This is the only time educationbluemoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.65.39.20 18.65.39.20	16509 (AMAZON-02) (AMAZON-02)
48	18.65.39.81 18.65.39.81	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
16	2a02:26f0:350... 2a02:26f0:3500:11::215:14d2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1 1	18.195.3.64 18.195.3.64	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:238... 2600:9000:238d:c00:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	52.28.79.158 52.28.79.158	16509 (AMAZON-02) (AMAZON-02)
4	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
2	18.66.112.20 18.66.112.20	16509 (AMAZON-02) (AMAZON-02)
83	11

1 18.65.39.20 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-20.ams1.r.cloudfront.net

educationbluemoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 18.65.39.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-81.ams1.r.cloudfront.net

educationbluemoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:26f0:3500:11::215:14d2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.now.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.3.64 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-3-64.eu-central-1.compute.amazonaws.com

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:238d:c00:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.79.158 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-79-158.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-20.fra56.r.cloudfront.net

now.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	educationbluemoon.com 1 redirects educationbluemoon.com	579 KB
18	now.gg cdn.now.gg — Cisco Umbrella Rank: 23048 now.gg — Cisco Umbrella Rank: 14933	735 KB
7	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 4024 api.cmp.inmobi.com — Cisco Umbrella Rank: 14119	214 KB
4	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 832	166 B
3	gstatic.com fonts.gstatic.com	24 KB
1	quantcast.com 1 redirects cmp.quantcast.com — Cisco Umbrella Rank: 4722	217 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	956 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 341	29 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	90 KB
83	9

	Domain	Requested by
49	educationbluemoon.com	1 redirects educationbluemoon.com
16	cdn.now.gg	educationbluemoon.com cdn.now.gg
6	cmp.inmobi.com	educationbluemoon.com cmp.quantcast.com cmp.inmobi.com
4	sessions.bugsnag.com	educationbluemoon.com
3	fonts.gstatic.com	fonts.googleapis.com
2	now.gg	educationbluemoon.com
1	api.cmp.inmobi.com	cmp.inmobi.com
1	cmp.quantcast.com	1 redirects
1	fonts.googleapis.com	educationbluemoon.com
1	www.googletagservices.com	educationbluemoon.com
1	www.googletagmanager.com	educationbluemoon.com
83	11

This site contains no links.

Subject Issuer	Validity	Valid
educationbluemoon.com Amazon RSA 2048 M02	`2024-01-18` - `2025-02-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.now.gg DigiCert TLS RSA SHA256 2020 CA1	`2023-09-11` - `2024-09-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh
now.gg Amazon RSA 2048 M03	`2023-12-22` - `2025-01-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://educationbluemoon.com/
Frame ID: 716AA0527188860218185BE911D0B8B6
Requests: 82 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play Roblox Online™

Page URL History Show full URLs

http://educationbluemoon.com/ HTTP 301
https://educationbluemoon.com/ Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

83
Requests

99 %
HTTPS

58 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

1672 kB
Transfer

5414 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://educationbluemoon.com/ HTTP 301
https://educationbluemoon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://cmp.quantcast.com/choice/mw9xJtqPQGFbC/now.gg/choice.js?tag_version=V2 HTTP 301
https://cmp.inmobi.com/choice/mw9xJtqPQGFbC/now.gg/choice.js?tag_version=V2

83 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
educationbluemoon.com/
Redirect Chain

http://educationbluemoon.com/
https://educationbluemoon.com/

56 KB
14 KB

516ms
475ms

Document
text/html

18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

CloudFront /

Resource Hash

dc7fc9cf4b1eecd151dfc037447c16a61f42797ebef4725ddc34dd55bdd78d42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 24 Feb 2024 11:34:52 GMT
etag: W/"df1b-ftejhJWDascEZWlDpWB61JQC5Dc"
origin-trial: Aoj4FrF7YpjXSSKM39l5/FtFHqovI5cTbySLwqDaYDpT40K1rsgrdhtH8+AmCOavPlUP3yZPsBeoZIAM6wmq3QwAAAB/eyJvcmlnaW4iOiJodHRwczovL2VkdWNhdGlvbmJsdWVtb29uLmNvbTo0NDMiLCJmZWF0dXJlIjoiVW5yZXN0cmljdGVkU2hhcmVkQXJyYXlCdWZmZXIiLCJleHBpcnkiOjE3MDk4NTU5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
server: CloudFront
vary: Accept-Encoding
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-id: PZg9bzE94tBjEp4Yv_tc6xm_OZ5CXXi9UWjD_3Nf7DPYrqcxglgX8g==
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Sat, 24 Feb 2024 11:34:51 GMT
Location: https://educationbluemoon.com/
Server: CloudFront
Via: 1.1 5de5e66003332bec09dff893114ac06c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: EBBtZg61wpugPejeKlsA06b_u8wW2nFIJbds546_7NGGy31BwMINZA==
X-Amz-Cf-Pop: AMS1-P1
X-Cache: Redirect from cloudfront
X-Frame-Options: SAMEORIGIN
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
90 KB 64ms
38ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRM8BWR

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

445559777fbb22420974a46dfe56fb5835c40190c744a7e5c0b38a1460e7686f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91858
x-xss-protection: 0
last-modified: Sat, 24 Feb 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 24 Feb 2024 11:34:52 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 89 KB
29 KB 89ms
52ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37fe4b572e156670aa80ba9e07e56c8f7fcd0a6403d968328dd682b59275d06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28847
x-xss-protection: 0
server: cafe
etag: 583 / 19777 / 31081366 / config-hash: 2958856145408218626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 11:34:52 GMT

GET
H2 200 3d0ae4c613f4697f.css
educationbluemoon.com/8/play/_next/static/css/ 23 KB
5 KB 241ms
241ms Stylesheet
text/css 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/css/3d0ae4c613f4697f.css

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

fae546ababb0117f4fc38362bbefe43df769fa7ea14768e8f69964d63f979387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"5c5a-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: o4nlsXcaKPeHqi5K9yvbkIozd8k7mfuhHjrAexsObSlcSoRmEGQeog==

GET
H2 200 1634d5343d0c5502.css
educationbluemoon.com/8/play/_next/static/css/ 35 KB
4 KB 241ms
241ms Stylesheet
text/css 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/css/1634d5343d0c5502.css

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

f12a152cb5cc404fb615bbdec1245fc6a39cca13bfc48067e22c95acb33304d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"8cc5-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 3yzdrNXgz1Zpg5RnLcOxm0EMRgEbLxd32SU77EKxRMNeGdB8K4sh5A==

GET
H2 200 webpack-e3417865889dd175.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 5 KB
3 KB 229ms
226ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/webpack-e3417865889dd175.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

44268b882152f0d910c99228177e6846f5c1d16a278e2f92606303a09d48b515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"130b-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: io-xmTqp0afv3CN3q8LHI2gjxjOWphUYSV7rx_tICy0NRC9DjczQJA==

GET
H2 200 framework-0e1b29c5be962d52.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 24 KB
9 KB 254ms
251ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/framework-0e1b29c5be962d52.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

dd67a2c615c4bce59788067e94ea0657c05c17dd306f007bbab916b543298838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"615d-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: OEPFMWLlPKoAr4qdNCe_QFs0k1u54yhtsD6WXJXP2yEs5yST4eTx8Q==

GET
H2 200 main-d59f0ad61824b1ab.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 106 KB
31 KB 228ms
226ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/main-d59f0ad61824b1ab.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

167f96e5a9332da2235f40ee2633f1a53bc89afd995d8b0d003a94c797752017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"1a658-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: YkAoOQpeDG6Fd64pY-YTuLE-54SM4S-I_n0MvVYypSSQGrIEUWbkwg==

GET
H2 200 _app-a92a594514ba7072.js Show response
educationbluemoon.com/8/play/_next/static/chunks/pages/ 644 KB
166 KB 239ms
236ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

1c628077193ae85331c4e0e7e3e5b0880ca6bbfd9de1362431dd4ab36237cf56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"a10e0-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: GWV0Qej3BRtmwKP5xVS9Sh7NyuGqoIXoE61apx8bsrHYY0E_DhE7Tw==

GET
H2 200 164-f867bd57cb37503b.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 103 KB
32 KB 228ms
225ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/164-f867bd57cb37503b.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

67f1eca8635312802c60faf4e4dfd153fc4ca2db8969c0ed2c46b44899e278ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"19c24-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 0WwuLu1RbZD2Jpr-8_Jufuxm6c6JVwGpL5q3vCgsYOOgNgPKIVCnDg==

GET
H2 200 919-961530544238edce.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 199 KB
60 KB 231ms
229ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/919-961530544238edce.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

879be798349097969e182a91d5f93d548738293643c4f57be88d63c5790352e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"31cf4-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: INXEoiukbwht5RNIvE7KIWdsCGjczA-dHwAF_r2eYX_BsYveRilvqg==

GET
H2 200 806-30fe3cd2389af2c1.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 43 KB
7 KB 239ms
237ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/806-30fe3cd2389af2c1.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

10d044443215522cdd4a8cdf3ac9b46a42dfc954dd51fec7ae4855785d442721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"aa40-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: gK1PH0CEmiq6GMRFJgRyJYJSEX-5F_DbhoveeVxMKlI3qcPNIsfwYQ==

GET
H2 200 804-c8e3058f86755a30.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 38 KB
6 KB 230ms
228ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/804-c8e3058f86755a30.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

6f632c84ef470429f789a4e5f7aeced487fae7c8a83ceafb7e742ec10496ca9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"99d9-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: bNKXj2CVCuBrRweS6fqnPszKPc5yxCgaC0fcDm1tecyEcT5Srvwrhw==

GET
H2 200 166-8507a75c3739ff74.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 193 KB
40 KB 241ms
239ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/166-8507a75c3739ff74.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

02c0be8ea18d9ac937ddb0dcea4cad23e7696095fe56a9f38aeba239814c552a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"302fe-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 8FAt_cHMp0SQd60j0a6F9aQGjawxKQlU6xsZmhBy4-BHF5FmiYoX5Q==

GET
H2 200 742-8b9049011b2dbba4.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 16 KB
4 KB 241ms
239ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/742-8b9049011b2dbba4.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

c5c0a8bbc16dfcb1edab334fdcc7c3c7e441a8da0c81b2139ab445fff5ce4283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"3f15-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 3vK9Xost7PeN080cZ7lL-6kNEI_tkoQoMx9GjJG0QoZoAnncEB2rGw==

GET
H2 200 53-5e162af49ef8b1d4.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 274 KB
47 KB 254ms
252ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/53-5e162af49ef8b1d4.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

b239732ad459c20bb68d4632d638151b8fa6c889e45feaa5f5fb26ff0be45659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"44929-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: W3gf-2358CaqynljX-xzp5s5T79d6AGIzsDsjKyphxIA1DDxlOLcyg==

GET
H2 200 761-7222d0a77ff64c73.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 23 KB
5 KB 253ms
252ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/761-7222d0a77ff64c73.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

b02dc332326f00549b6a1c258a2d96daa91b2083aebe4d991ae6635984fa9484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"5a29-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: Lxum3Tso73zwK2Wb_NCIxOw4U93GB40Y8P6H0cpsFe25gIibUZ2MYQ==

GET
H2 200 235-09e831ccc0d85df0.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 21 KB
7 KB 242ms
241ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/235-09e831ccc0d85df0.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

09a522a1fc71ebbf80ab0ae09f9e874fbf863c5f5f7f197b34445f6aaebefb2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"5439-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: _Bi7UbpGY2_DvbQAbkebdYrk4GChzzyjcoh4uLafsVyqNZn009IB0Q==

GET
H2 200 56-d68c75434b688cfb.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 420 KB
72 KB 254ms
253ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/56-d68c75434b688cfb.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

40fe005a3ba25487d609b370cb24ad12d216d45a18d6479c8be0812bfc77f666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"69196-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: jQTiQG3V4vHESOWzLGTTYXOaStnD8yjQJgpr7Gwvp4AgwCdfyg5QeA==

GET
H2 200 673-d1f0ee9fcb59e3f8.js Show response
educationbluemoon.com/8/play/_next/static/chunks/ 69 KB
16 KB 252ms
251ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/673-d1f0ee9fcb59e3f8.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

86dc62e1a6301a1839dd51ba14b9e2de6eaeb36272620a4e4a7711539ad2113c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"112a2-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: kUYJW3Z4goArAaOcQJ8TaVtt0UACHvXD_5HHCXCZTgnBaHAT7QKaPw==

GET
H2 200 index-7877732e4b9a2f1e.js Show response
educationbluemoon.com/8/play/_next/static/chunks/pages/ 7 KB
4 KB 254ms
253ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/chunks/pages/index-7877732e4b9a2f1e.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

9bd24c0670030a302f256a724124fb90cbc18b2ab523bdc5c806827c1823ae6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"1da2-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 7PnWSosByHhrB7-0A9B_g0fJ_VuvqykQPa1i2xIGYOKXstWJ7nrw3w==

GET
H2 200 _buildManifest.js Show response
educationbluemoon.com/8/play/_next/static/qb5lp7sx2KhgVkRokjejJ/ 2 KB
1 KB 255ms
254ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/qb5lp7sx2KhgVkRokjejJ/_buildManifest.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

5b8adc7de4d864f70ec414fbccd56b359d2bbfe4238813ed51aab2a926b41370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"6be-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: Rb60M2sR6DfaeGo2-vpDY9vS_vYl7KYo8HtfqGcoYgVLQRT-16cWIg==

GET
H2 200 _ssgManifest.js Show response
educationbluemoon.com/8/play/_next/static/qb5lp7sx2KhgVkRokjejJ/ 77 B
549 B 239ms
238ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/qb5lp7sx2KhgVkRokjejJ/_ssgManifest.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
content-length: 77
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"4d-18dd581b500"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: -nLlcAN5VtgHl88C0i9250sQ08I2XD0SY9TpT62DKNpx48gF5A9IVw==

GET
H2 200 _middlewareManifest.js Show response
educationbluemoon.com/8/play/_next/static/qb5lp7sx2KhgVkRokjejJ/ 92 B
564 B 241ms
240ms Script
application/javascript 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/8/play/_next/static/qb5lp7sx2KhgVkRokjejJ/_middlewareManifest.js

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
content-length: 92
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:28:47 GMT
etag: W/"5c-18dd582ab18"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: uLOjsh_hBRCC0SPqcEfn9J-PzHKBzu6bnoFon-BF8JX5tGFjbegTyw==

GET
H/1.1 200
OK fonts.css
cdn.now.gg/nowgg-static/fonts/ 2 KB
1 KB 70ms
9ms Stylesheet
text/css 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.now.gg/nowgg-static/fonts/fonts.css
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f37e8194b97e0883770b446f97e826a255541de2de07caa769c471175b807d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: xtmHumASrYoYPky7RnsMsGxMJ86NwvVa
Content-Encoding: gzip
Date: Sat, 24 Feb 2024 11:34:52 GMT
x-amz-request-id: FF8QXGNNV5Y5R12C
x-amz-server-side-encryption: AES256
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 698
x-amz-id-2: a5yLmD+Lde0MS2FX4Yj2JAbjC8zvNUYZ6mo7p9hrduQvDGzue0xDsgl35az1LrFfqiz6QKCwLqY=
Last-Modified: Fri, 08 Sep 2023 04:54:26 GMT
Server: AmazonS3
ETag: "33e0f1a762acd1978ea3c57fc8f47f73"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=576415
Accept-Ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
956 B 75ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2fb31b13937b4f1209e343fcc2367beef1d09ad819c1131ddc5d49fbcfe9278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Feb 2024 09:36:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Feb 2024 11:34:52 GMT

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/mw9xJtqPQGFbC/now.gg/
Redirect Chain

https://cmp.quantcast.com/choice/mw9xJtqPQGFbC/now.gg/choice.js?tag_version=V2
https://cmp.inmobi.com/choice/mw9xJtqPQGFbC/now.gg/choice.js?tag_version=V2

4 KB
2 KB

114ms
39ms

Script
application/javascript

2600:9000:238d:c00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/mw9xJtqPQGFbC/now.gg/choice.js?tag_version=V2
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/
Protocol: H2
Server: 2600:9000:238d:c00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e8c3fd01ffb3997c93afd9e09b11fe66ab37ada7f083b280a1b372ca5a6671a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
content-encoding: br
via: 1.1 1a89beee9d72657437f5e91f57220804.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 16:45:49 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 38
x-amz-server-side-encryption: AES256
etag: W/"b369f93f53be67b1fcf6c847414a67e3"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: CDYPgDa17aSrXqY4q29IkAC_L1qN63bdz-R9RoTgHeqiw-g53kAPrw==

Redirect headers

date: Sat, 24 Feb 2024 11:34:52 GMT
server: awselb/2.0
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
location: https://cmp.inmobi.com/choice/mw9xJtqPQGFbC/now.gg/choice.js?tag_version=V2
access-control-allow-origin: *
cache-control: max-age=900
content-length: 0

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 94 B
329 B 335ms
335ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: babe001d34f6a68189bf47b07f6df9fea7572fe8edc910a08e6011fd21b8cd0e

Request headers

x-ngg-skip-evar-check: false
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:52 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 94
x-amz-cf-id: S5MEcwigZMP2SbZUqxidweS_KeUio1ErrpfgKIw39HF9IUMJdswwcw==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 158 KB
44 KB 17ms
17ms Script
text/javascript 2600:9000:238d:c00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=now.gg
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/mw9xJtqPQGFbC/now.gg/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:c00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abe4ea2424cdaed8834843c5b9a05d8da6dc734cbbef28e1e50944e450c3577b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 10:49:22 GMT
content-encoding: gzip
via: 1.1 1a89beee9d72657437f5e91f57220804.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 2731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 23 Feb 2024 06:48:57 GMT
server: AmazonS3
etag: W/"77b0ce87a9e9840c4ee9c2c84a77db2a"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: UqqqriPbh9iQIojXFNHtQdSkGXkRffrXkM4WwwJTPs7MQotuoIehSw==

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 17 KB
4 KB 57ms
16ms XHR
application/json 2600:9000:238d:c00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=now.gg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:c00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f8c44d59686a646e29e67f464a88898f4adcacbdb8f133390532b7c57e4621c

Request headers

Accept: application/json, text/plain, */*
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:00:45 GMT
content-encoding: br
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 30848
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Feb 2024 03:00:42 GMT
server: AmazonS3
etag: W/"60af382f5b94de61729bb8087ecb07c3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: uBM6kYldPoWztbCwnILfvlIN3fRE2GlxWr2EQzL5adcmb9vnbzp1NA==

GET
H2 200 cmp2ui-en.js Show response
cmp.inmobi.com/tcfv2/51/ 280 KB
68 KB 18ms
17ms Script
text/javascript 2600:9000:238d:c00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/51/cmp2ui-en.js
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=now.gg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:c00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac0deee4c6d1a3d777dd3b509c853673ad89e4b974c13b67e24cc0adeeb89723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 18:58:48 GMT
content-encoding: br
via: 1.1 1a89beee9d72657437f5e91f57220804.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 59765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Feb 2024 06:48:49 GMT
server: AmazonS3
etag: W/"e3ec283676d4a959b7cea2186d8b8f0a"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: 6WUnPKUwpuefC8G3h-TEie7ebEVgDoletnXBBi71XIPeY1NX-MyXcA==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v3/ 567 KB
63 KB 18ms
18ms XHR
application/json 2600:9000:238d:c00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=now.gg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:c00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f7b2d975bcb2d8a1721b05614ee72f9e22b77e32e00e26acb4ab748e2dc994d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 18:58:47 GMT
content-encoding: br
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 59766
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 22 Feb 2024 23:59:20 GMT
server: AmazonS3
etag: W/"d55f732e6bf4d042e13de717bb307487"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: zPfFQA0jwanLp2uP8M7Hu8MQ54dbdVA69FRgsSj2HAmORzRV7zyS8A==

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 142 KB
33 KB 39ms
39ms XHR
application/json 2600:9000:238d:c00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=now.gg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:c00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd02da2948fa6757e3276520949ae2f4497129bb84d87f1fb08bb4d7760071d4

Request headers

Accept: application/json, text/plain, */*
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:00:27 GMT
content-encoding: br
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 30866
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Feb 2024 03:00:24 GMT
server: AmazonS3
etag: W/"5724f6850cad5bb05d3eb24b94f2b528"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: BrNklxx5Hc1-5zHqEy4N_00wCIgJapQmgB1rjZyhxtDWwWleWYfT8A==

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 114ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://educationbluemoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 22:30:36 GMT
x-content-type-options: nosniff
age: 133456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 22:30:36 GMT

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 79ms
13ms XHR
text/plain 52.28.79.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22mw9xJtqPQGFbC%22%2C%22domain%22%3A%22educationbluemoon.com%22%2C%22publisher%22%3A%22now.gg%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.51%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22qUckPGoSvWyKIzNFcuKTYA%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1708774492654%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-8s456hb8nx1uesh5t5pr%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/51/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.28.79.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-79-158.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 24 Feb 2024 11:34:52 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK whiteLogo.svg
cdn.now.gg/apps-content/img/homepage/ 16 KB
16 KB 12ms
11ms Image
image/svg+xml 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/apps-content/img/homepage/whiteLogo.svg?qc-size=249,67
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a48aec07c97d0b435ea1432178f0fd6b950098fe6c31cc25737bff56d7170a3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sat, 24 Feb 2024 11:34:52 GMT
Last-Modified: Wed, 07 Jul 2021 04:47:13 GMT
Server: AmazonS3
x-amz-request-id: R23PRW44X25SFP4R
ETag: "7c5aa7228913df8f78d1cfc420015fbd"
Content-Type: image/svg+xml
Cache-Control: max-age=62532
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15951
x-amz-id-2: ZKZYGIJ8clyJBFdNPK8PXkpv01mdy8auAj0zS+Wp+59E0Rd2Q5SHRBnhpYQwghmRqGD2WJGLmE4=
Expires: Sun, 25 Feb 2024 04:57:04 GMT

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db091352fcaa3462cce0ff4e640ff4e7c00fe32c076340c600f934498cc34ff3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

OPTIONS
H2 200 /
sessions.bugsnag.com/ 0
0 217ms
165ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://educationbluemoon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
131 B 166ms
165ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://educationbluemoon.com/
Bugsnag-Sent-At: 2024-02-24T11:34:52.977Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: 5409ce593426cf95bd284a5b809c62c5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 google
bugsnag-session-uuid: 6b9bf111-8eab-4765-8d4d-4ede25550419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

OPTIONS
H2 200 /
sessions.bugsnag.com/ 0
0 164ms
164ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://educationbluemoon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 google

POST
H3 202 / Show response
sessions.bugsnag.com/ 21 B
35 B 168ms
168ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://educationbluemoon.com/
Bugsnag-Sent-At: 2024-02-24T11:34:53.164Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: 5409ce593426cf95bd284a5b809c62c5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 google
bugsnag-session-uuid: 66ee36a3-fd70-4c87-b006-8a50d155a261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
255 B 286ms
285ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: Yrxw2-E8hmZ181UdrxNg-XXAnK-w3frOs54mwacWPN8kRfZ55zm__A==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
256 B 284ms
284ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: SMPPx7KVX-VVZKVyzy6O929rAhcoDJoiHDGuD3MvK-doXcwjQwH4ag==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
256 B 279ms
279ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: ljBUBlWTxfbuJ5TFbHxrt7vP5LpfmuE97wlKivHTnzjllb7GjHpK0Q==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
255 B 281ms
281ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: xfUSmfMH8IdorhJAZ98es0Zc6ApZxEzm4Io4EJkFXMrZz_t2gsYYdA==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
256 B 285ms
285ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: fP6TjvyFA73KR_LmiKrYWJGOwpN-OzHc1pJALPOrWnbzIEIq0U4YMQ==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
H3 200 image
cdn.now.gg/assets-opt/_next/ 138 KB
138 KB 28ms
28ms Image
image/webp 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.now.gg/assets-opt/_next/image?url=https%3A%2F%2Fcdn.now.gg%2Fapps-content%2Fcom.roblox.client%2Fbanner%2Fdesktop%2Froblox.jpg&w=3840&q=80

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

91d5a5ddf80bdc23f981fd38247ee4b6c179a1df9c8b530b6db28225e3f9f037

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Sat, 24 Feb 2024 11:34:53 GMT
etag: kdWl3fgL3CP5gf04JH7ktsF5od+ci1MLbbKCJeP58Dc=
cdn-origin-protocol: HTTP
content-type: image/webp
x-nextjs-cache: MISS
cache-control: public, must-revalidate, max-age=1754
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="roblox.webp"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 141222
x-forward-proto: http
quic-version: 0x00000001

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
255 B 279ms
279ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: Fr1sTsD-1CxuHqrddA1nQMIoyJ5lJTLcFqUGbHHw4VzHGTkK2A4Wmw==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
256 B 280ms
279ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: rZRLMUqeiFDJESu1j-OzRmvKHDWU4E6TKlLvVawa3IAfXQsz4-j1jw==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
H2 401 access-token Show response
educationbluemoon.com/accounts/auth/v1/ 97 B
939 B 112ms
112ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/accounts/auth/v1/access-token

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

ba5248b834ad91c8b98c2d024e3272e470f16810b3cd0dd772907d530980690f

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' https://cdn.now.gg;script-src 'self' 'unsafe-inline' 'unsafe-eval';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
content-security-policy: img-src 'self' https://cdn.now.gg;script-src 'self' 'unsafe-inline' 'unsafe-eval';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: off
x-cache: Error from cloudfront
cross-origin-resource-policy: same-origin
content-length: 97
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"61-4dwX9iosHPTUwuLtYrKa+L8LoQM"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
access-control-allow-credentials: true
x-amz-cf-id: dK5ZeRrBXi9kk3TEebzemmTJ2T5pozWP3ecXEOEPZhek63Q242Kflw==

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
255 B 277ms
277ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: o5dRIky9-QaiVsq0jHK1WWSl9FqUc7kXEKa9AzC3TXw89vDnuWRi-w==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
254 B 281ms
281ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: TpvewRWXvIQVfgt0mglDYMj-_rS-n0ug2h6nESOZiemo8fyevptS2g==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
255 B 285ms
285ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: qRxiMUvC1TCTMraJ7zqyndO4zfFTPBElI_0wpsxC_OivrfBjW419cw==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
H2 200 logout Show response
educationbluemoon.com/accounts/auth/v1/ 53 B
889 B 201ms
201ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://educationbluemoon.com/accounts/auth/v1/logout

Requested by

Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

ecfcc1c0cbc5d394e0f75a00b8b88c989e8c52ee916112c95e5ef9f14b4fbc1b

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' https://cdn.now.gg;script-src 'self' 'unsafe-inline' 'unsafe-eval';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
content-security-policy: img-src 'self' https://cdn.now.gg;script-src 'self' 'unsafe-inline' 'unsafe-eval';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
cross-origin-resource-policy: same-origin
content-length: 53
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"35-O3KMzMhk/71U70kTLPq7I0W16t4"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
access-control-allow-credentials: true
x-amz-cf-id: -ZFJ2D7eSBEzepJcXB2SZsfWufk4GVy8wrnIRJP6JS10uMoGTFp7oQ==

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
256 B 279ms
278ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: p2S1Tsp5EUVw7dg2vQPyYJA8AfBhrx5WIIk3HUvm4UHIPYoPcIX7LA==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
256 B 281ms
281ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: SOFpgeQLRPrGYx69j8qjnbtWYCY5jE8vnVMmk5NNY3Fmg9uxHdJOxA==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
H3 200 icomoon.ttf
cdn.now.gg/nowgg-static/fonts/ 12 KB
12 KB 51ms
16ms Font
binary/octet-stream 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.now.gg/nowgg-static/fonts/icomoon.ttf?o6vr2n
Requested by: Host: cdn.now.gg
URL: https://cdn.now.gg/nowgg-static/fonts/fonts.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f32c2d0f7b8e24b92d9fbb3648aa2ee8f2a305accb9546edec42ebbaf916e9b

Request headers

Referer: https://cdn.now.gg/nowgg-static/fonts/fonts.css
Origin: https://educationbluemoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: s6fnHzJH0HB5k_8DT6lMWJYkJA7sUilU
date: Sat, 24 Feb 2024 11:34:53 GMT
x-amz-request-id: XEEK6846PXG7W0QS
x-amz-server-side-encryption: AES256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 11896
x-amz-id-2: hXqc3xnQcpNcZaSaOol7BsDvXcG5hPUB1+o5etN2n7BgiQVXsFO0Yoy1ZEqdq1Dkxocxp2miE1k=
last-modified: Fri, 08 Sep 2023 04:38:52 GMT
server: AmazonS3
etag: "b0c67f43007689138131c9781feed588"
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=278163
accept-ranges: bytes
quic-version: 0x00000001

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
257 B 293ms
292ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: JAKG4vPVHZkNv99_BMxx5c5cxj5VVZIPNwsGXUk2vqBUsngYyVFYDA==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
255 B 274ms
273ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: HbQs8DNvr5Rupf9tfUNRsy_toXfjdmHuhAsNOLxWs9gkS76Sp8Ifbw==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
255 B 282ms
282ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: lOm7ukgS2fIxm0n1zazMgflO9ryjQrzX6I1sUUy_zgldRdHKk8oYEw==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
254 B 318ms
318ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: s2LEmcktwURPoiA7OJNaJ0eBehyyJ2wArIdgalDNFDdtlWO6klzzNQ==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
H2 200 startSession Show response
educationbluemoon.com/8/api/play/v1/ 38 B
273 B 385ms
385ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/startSession?appId=5349&uaId=ua-GGYKRakDwtUUa0rxSXXUo&uaSessionId=uasess-WJMnoH6aNZ05wiuW4in4c&feSessionId=fesess-i8EaTHoyJjybpOBmyGtof&visitId=visitid-Asvk2dXjrZlUfjNuLanZX&initialOrientation=landscape&utmSource=NA&utmMedium=NA&utmCampaign=NA&deepLinkUrl=&accessCode=&ngReferrer=NA&pageReferrer=NA&ngEntryPoint=https%3A%2F%2Feducationbluemoon.com%2F&ntmSource=NA&customData=&appLaunchExtraData=&feSessionTags=nowgg&sdpType=&eVar=&feDeviceType=desktop&feOsName=window&userSource=direct&visitSource=direct&userCampaign=NA&visitCampaign=NA&userAcqVar=NA_2024_FEB_24_PST
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 924e0d2dcc114f266fcb20121b4c6e568281509a2d21391d6de91cfe175a024e

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 38
x-amz-cf-id: a12cjCfFptKhGNNOorjYvuIu5tH8ZixD5N4IO30IKvCQGC5eKTX0ZA==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
H2 200 getAppPlayFeatures Show response
educationbluemoon.com/8/api/play/v1/ 1 KB
1 KB 270ms
270ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/getAppPlayFeatures?appId=5349
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 9d9f9ebc18514be218b43569cd1b08250f718cc7e6c8c56f2520dec86ed1beff

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 1094
x-amz-cf-id: zsiv3WZoxKvfs3E1XiUwsF8PKb6pOSmicYI8WeU679HuHz4ugFvhNw==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
H3 200 roblox.png
cdn.now.gg/apps-content/com.roblox.client/icon/ 134 KB
134 KB 26ms
26ms Image
image/png 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/apps-content/com.roblox.client/icon/roblox.png
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 800e98dd70ca738e694500ef7ace98c802dfc49a2261a6534e14f099b44f520f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: m2IwgMri4J4wGULOc0m0o6DQ3ccVM1tX
date: Sat, 24 Feb 2024 11:34:53 GMT
last-modified: Thu, 14 Sep 2023 08:25:13 GMT
server: AmazonS3
x-amz-request-id: BNZWP2M3HP19WZEJ
etag: "17034044ad6ab8425cb5f8058bb995a4"
x-amz-server-side-encryption: AES256
content-type: image/png
cache-control: max-age=72816
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 137320
x-amz-id-2: OoNgmgnE2mWLvN7ZVhuxPmcqLHx5LLcjZ5BgyMJNDDNJkTdYoYiYcrrlnA6KZkawTu0CItJIbBI=
quic-version: 0x00000001

POST
H2 200 reportEvent Show response
educationbluemoon.com/8/api/play/v1/ 20 B
255 B 203ms
202ms Fetch
application/json 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://educationbluemoon.com/8/api/play/v1/reportEvent
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-81.ams1.r.cloudfront.net
Software: /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
content-length: 20
x-amz-cf-id: WrDfF94cpSDFiCu8WT8AdwM_r1A3MRJ7XXUX1AJ8rc3lSuUEJ8a1Tw==
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8

GET
H2 200 warning.53226107.svg
educationbluemoon.com/8/play/_next/static/media/ 330 B
788 B 129ms
127ms Image
image/svg+xml 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://educationbluemoon.com/8/play/_next/static/media/warning.53226107.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

515b982190d14c69309a7ad810d5982e4435ec6c0e9062df7c3b9f81c8c7599a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
content-length: 330
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"14a-18dd581b500"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: jZrSpj5iuXUNgsBr9iq1nQChqwjn8HyT7L8-HXvKc68hstu0kx1tKA==

GET
H3 200 bloxd-io.png
cdn.now.gg/apps-content/com.nowgg.h5.pub511.app51240/icon/ 305 KB
305 KB 11ms
11ms Image
image/png 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/apps-content/com.nowgg.h5.pub511.app51240/icon/bloxd-io.png
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 733fa0e2d88d598235c8ff3c94cd07c4771bfd7a5ec5b0659ab89d629737271e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: 6Mb8xhhcEWqCiU6er0qlHK_AEqIjnzvo
date: Sat, 24 Feb 2024 11:34:53 GMT
last-modified: Mon, 29 May 2023 10:50:36 GMT
server: AmazonS3
x-amz-request-id: 7XN755QME75VKXT1
etag: "073ca95aaa04052236c1228bf28c737a"
x-amz-server-side-encryption: AES256
content-type: image/png
cache-control: max-age=581374
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 312312
x-amz-id-2: AVcJZsuhNL5Tbly2gleGZ2x7Dsi1GDBBC/uC09jM+yJ1Q+2tlxHGQxmIp+v3C5Ydi4SeJ/JIRhw=
quic-version: 0x00000001

GET
H2 200 filled-star.b766385c.svg
educationbluemoon.com/8/play/_next/static/media/ 795 B
1 KB 145ms
144ms Image
image/svg+xml 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://educationbluemoon.com/8/play/_next/static/media/filled-star.b766385c.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

49ba6f3066959b345670d5a6ae104d6d7a2a3345241bc7bb90612f2bacbd308a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
content-length: 795
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"31b-18dd581b500"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: PpNxtRsb_svk1lvi9Jah-zFYpyomQyuk9bIuBegoWKiJqfpT-Li4ag==

GET
H2 200 bloxd-error.c62649cf.jpg
educationbluemoon.com/8/play/_next/static/media/ 34 KB
34 KB 127ms
127ms Image
image/jpeg 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://educationbluemoon.com/8/play/_next/static/media/bloxd-error.c62649cf.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

5955f24905a6804a1f809d25624e6dc9f984134f8fded5572a7626a295bd1eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
content-length: 34659
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"8763-18dd581b500"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: MInVAFDZ4vw6QxzGjfveXccBcE2gywdmaROJxPDXkInlATVPtGFVJg==

GET
H3 200 bloxd-io.jpg
cdn.now.gg/apps-content/com.nowgg.h5.pub511.app51240/game-tiles/ 47 KB
47 KB 23ms
23ms Image
image/jpg 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/apps-content/com.nowgg.h5.pub511.app51240/game-tiles/bloxd-io.jpg
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 065ae8d6415ca298562f5c7f3786440d51d4e628e08a2614c9c197af640b64c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: IfCNayMvOC5h7UN4frj5OJAo2A36H17Z
date: Sat, 24 Feb 2024 11:34:53 GMT
last-modified: Mon, 29 May 2023 10:50:28 GMT
server: AmazonS3
x-amz-request-id: 34H9HJZYFHJ41HHK
etag: "83302642fc508560476f1a502a8ce21d"
x-amz-server-side-encryption: AES256
content-type: image/jpg
cache-control: max-age=597513
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 48170
x-amz-id-2: 9cSwsVjEnzk42vErp0DVoszylZWzfZJONXIfiE3Rvg4jERR4zxQrWaKQjtNtRFMNPxYywN6AsKc=
quic-version: 0x00000001

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://educationbluemoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:51:41 GMT
x-content-type-options: nosniff
age: 128592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 23:51:41 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://educationbluemoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:37:36 GMT
x-content-type-options: nosniff
age: 273437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:37:36 GMT

GET
H2 200 default-profile.af9e1b7d.svg
educationbluemoon.com/8/play/_next/static/media/ 1 KB
924 B 226ms
225ms Image
image/svg+xml 18.65.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://educationbluemoon.com/8/play/_next/static/media/default-profile.af9e1b7d.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-81.ams1.r.cloudfront.net

Software

Resource Hash

eee3aa9fa310203b2bb7c9053eaf814d320c047635bf504d06e6119562eb5ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 11:34:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 29676c2ee539645954aa742bde1ce894.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2024 10:27:44 GMT
etag: W/"497-18dd581b500"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: xvd1OqqJl_51WvoGCg_z0SHm5AeBoK5D27wHPgllHJTloP0f8Bf8XA==

GET
H3 200 nowgg-logo.svg
cdn.now.gg/nowgg-static/logo/ 9 KB
9 KB 11ms
11ms Image
image/svg+xml 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.now.gg/nowgg-static/logo/nowgg-logo.svg
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 997b16fbbffed8b112b9ce3b018894a37d6b5d847e4ee559bdc31a39886701d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: W49ImHrXVRQsjl6NvJrueoak1AlEWt0S
date: Sat, 24 Feb 2024 11:34:53 GMT
last-modified: Thu, 07 Sep 2023 12:25:00 GMT
server: AmazonS3
x-amz-request-id: WMK8RQXMZ8021XKQ
etag: "66dda0b4da0f8e513ab2a0acdf496cb2"
x-amz-server-side-encryption: AES256
content-type: image/svg+xml
cache-control: max-age=566828
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 9582
x-amz-id-2: FPAxzCMMjg8exZ+ynKpAjbzDna6r2vS6TxSY7CKxTn8Bgzewl7J3Zg+j+gFqiZ3G4xS1Pj9pEvStPYU7N5K5VQ==
quic-version: 0x00000001

GET
H2 200 getAppsList Show response
now.gg/ncm/appsc/v1/ 822 KB
65 KB 12ms
11ms Fetch
application/json 18.66.112.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.gg/ncm/appsc/v1/getAppsList
Requested by: Host: educationbluemoon.com
URL: https://educationbluemoon.com/8/play/_next/static/chunks/pages/_app-a92a594514ba7072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-20.fra56.r.cloudfront.net
Software: /
Resource Hash: ad043cbe9f18d405dabe8914b06ca0330e978a05755dbcd5c0f520744397c52f

Request headers

x-ngg-skip-evar-check: true
Referer: https://educationbluemoon.com/
accept-language: de-DE,de;q=0.9
x-ngg-fe-version: berlin-v1.27.810.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 09:31:35 GMT
content-encoding: br
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7398
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Co_UU-a2UAus0cVkhevrV0eenlsSM4ifOvPMIAHksQH4o9WMrjq39A==

OPTIONS
H2 204 getAppsList
now.gg/ncm/appsc/v1/ 0
0 52ms
8ms Preflight 18.66.112.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.gg/ncm/appsc/v1/getAppsList
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-20.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-ngg-fe-version,x-ngg-skip-evar-check
Access-Control-Request-Method: GET
Origin: https://educationbluemoon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-headers: x-ngg-fe-version,x-ngg-skip-evar-check
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
age: 6721
alt-svc: h3=":443"; ma=86400
date: Sat, 24 Feb 2024 09:42:52 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-id: 6LlM7QLgoHb26y0OIVVKeAO790lrZFGGvxIeMc7-uGr-SAh9KF1GLQ==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

GET
H3 200 image
cdn.now.gg/assets-opt/_next/ 826 B
849 B 21ms
20ms Image
image/webp 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.now.gg/assets-opt/_next/image?url=https%3A%2F%2Fcdn.now.gg%2Fapps-content%2Fcom.nowgg.h5.pub899.app51848%2Ficon%2Fpepi-hospital.png&w=64&q=25

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ed57be664c5d7b3abe4300497e47b081d4cef3b8e78b79cd13b49c810c0c9449

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Sat, 24 Feb 2024 11:34:53 GMT
etag: 7Ve+Zkxdezq+QwBJfkewgdTO87jni3nNE7ScgQwMlEk=
cdn-origin-protocol: HTTP
content-type: image/webp
x-nextjs-cache: MISS
cache-control: public, must-revalidate, max-age=575
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="pepi-hospital.webp"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 826
x-forward-proto: http
quic-version: 0x00000001

GET
H3 200 image
cdn.now.gg/assets-opt/_next/ 808 B
831 B 22ms
21ms Image
image/webp 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.now.gg/assets-opt/_next/image?url=https%3A%2F%2Fcdn.now.gg%2Fapps-content%2Fcom.nowgg.h5.pub899.app51851%2Ficon%2Fpepi-hospital-2.png&w=64&q=25

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8be60f998334b5d1a29b101110926ee6fa4947231cf78c0c1982638b8e44e84a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Sat, 24 Feb 2024 11:34:53 GMT
etag: i+YPmYM0tdGimxAREJJu5vpJRyMc94wMGYJji45E6Eo=
cdn-origin-protocol: HTTP
content-type: image/webp
x-nextjs-cache: MISS
cache-control: public, must-revalidate, max-age=1644
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="pepi-hospital-2.webp"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 808
x-forward-proto: http
quic-version: 0x00000001

GET
H3 200 image
cdn.now.gg/assets-opt/_next/ 884 B
914 B 32ms
31ms Image
image/webp 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.now.gg/assets-opt/_next/image?url=https%3A%2F%2Fcdn.now.gg%2Fapps-content%2Fcom.nowgg.h5.pub899.app51849%2Ficon%2Fpepi-super-stores.png&w=64&q=25

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

405e7c66990e551a479b9aa4967f0a09d96a956bc459c146bf4179227649f2a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Sat, 24 Feb 2024 11:34:53 GMT
etag: QF58ZpkOVRpHm5qkln8KCdlqlWvEWcFGv0F5InZJ8qY=
cdn-origin-protocol: HTTP
content-type: image/webp
x-nextjs-cache: MISS
cache-control: public, must-revalidate, max-age=3080
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="pepi-super-stores.webp"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 884
x-forward-proto: http
quic-version: 0x00000001

GET
H3 200 image
cdn.now.gg/assets-opt/_next/ 1 KB
1 KB 31ms
30ms Image
image/webp 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.now.gg/assets-opt/_next/image?url=https%3A%2F%2Fcdn.now.gg%2Fapps-content%2Fcom.nowgg.h5.pub853.app51764%2Ficon%2Fminiblox.png&w=64&q=25

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1b50eac8231fdc289964658846b29da4bec5ef01323d324d67f90de55d23541a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Sat, 24 Feb 2024 11:34:53 GMT
etag: G1DqyCMf3CiZZGWIRrKdpL7F7wEyPTJNZ-kN5V0jVBo=
cdn-origin-protocol: HTTP
content-type: image/webp
x-nextjs-cache: HIT
cache-control: public, must-revalidate, max-age=3044
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="miniblox.webp"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1480
x-forward-proto: http
quic-version: 0x00000001

GET
H3 200 image
cdn.now.gg/assets-opt/_next/ 810 B
842 B 34ms
33ms Image
image/webp 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.now.gg/assets-opt/_next/image?url=https%3A%2F%2Fcdn.now.gg%2Fapps-content%2Fcom.nowgg.h5.pub560.app51304%2Ficon%2Fsmash-karts.png&w=64&q=25

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f41869d240729907b19cb45a8a67ee75bba897e95b655279118ee10a2aa2d9c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Sat, 24 Feb 2024 11:34:53 GMT
etag: 9Bhp0kBymQexnLRaimfudbuol+lbZVJ5EY7hCiqi2ck=
cdn-origin-protocol: HTTP
content-type: image/webp
x-nextjs-cache: MISS
cache-control: public, must-revalidate, max-age=2449
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="smash-karts.webp"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 810
x-forward-proto: http
quic-version: 0x00000001

GET
H3 200 image
cdn.now.gg/assets-opt/_next/ 526 B
549 B 22ms
22ms Image
image/webp 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.now.gg/assets-opt/_next/image?url=https%3A%2F%2Fcdn.now.gg%2Fapps-content%2Fcom.nowgg.h5.pub813.app51692%2Ficon%2Fmostly-only-up.png&w=64&q=25

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f78c3a648c87c94f8fad6ce7fe12e7768c5f0460015589c9de5d12f0b3a9eac6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Sat, 24 Feb 2024 11:34:53 GMT
etag: 94w6ZIyHyU+PrWzn-hLndoxfBGABVYnJ3l0S8LOp6sY=
cdn-origin-protocol: HTTP
content-type: image/webp
x-nextjs-cache: HIT
cache-control: public, must-revalidate, max-age=1616
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="mostly-only-up.webp"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 526
x-forward-proto: http
quic-version: 0x00000001

GET
H3 200 image
cdn.now.gg/assets-opt/_next/ 888 B
911 B 23ms
22ms Image
image/webp 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.now.gg/assets-opt/_next/image?url=https%3A%2F%2Fcdn.now.gg%2Fapps-content%2Fcom.nowgg.h5.pub511.app51240%2Ficon%2Fbloxd-io.png&w=64&q=25

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9efae5109f6cb6482e3299946c1d6ad38d74c5740883b3b36c6f91817ab5371d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Sat, 24 Feb 2024 11:34:53 GMT
etag: nvrlEJ9stkguMpmUbB1q0410xXQIg7OzbG+RgXq1Nx0=
cdn-origin-protocol: HTTP
content-type: image/webp
x-nextjs-cache: MISS
cache-control: public, must-revalidate, max-age=1904
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="bloxd-io.webp"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 888
x-forward-proto: http
quic-version: 0x00000001

GET
H3 200 image
cdn.now.gg/assets-opt/_next/ 998 B
1022 B 23ms
23ms Image
image/webp 2a02:26f0:3500:11::215:14d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.now.gg/assets-opt/_next/image?url=https%3A%2F%2Fcdn.now.gg%2Fapps-content%2Fcom.nowgg.h5.pub501.app51551%2Ficon%2Fnarrow-one.png&w=64&q=25

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1d195fd3492205bae48e031e5fbad1d8499068523e4ca28a8a732905d044d002

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://educationbluemoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Sat, 24 Feb 2024 11:34:53 GMT
etag: HRlf00kiBbrkjgMeX7rR2EmQaFI+TKKKinMpBdBE0AI=
cdn-origin-protocol: HTTP
content-type: image/webp
x-nextjs-cache: MISS
cache-control: public, must-revalidate, max-age=1874
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="narrow-one.webp"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 998
x-forward-proto: http
quic-version: 0x00000001

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://educationbluemoon.com/accounts/auth/v1/access-token Message: Failed to load resource: the server responded with a status of 401 ()
javascript	warning	URL: https://educationbluemoon.com/ Message: The resource https://www.googletagservices.com/tag/js/gpt.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cmp.inmobi.com
cdn.now.gg
cmp.inmobi.com
cmp.quantcast.com
educationbluemoon.com
fonts.googleapis.com
fonts.gstatic.com
now.gg
sessions.bugsnag.com
www.googletagmanager.com
www.googletagservices.com
18.195.3.64
18.65.39.20
18.65.39.81
18.66.112.20
2600:1901:0:7a0b::
2600:9000:238d:c00:1b:cadc:ef40:93a1
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2008
2a00:1450:4001:827::200a
2a00:1450:4001:830::2003
2a02:26f0:3500:11::215:14d2
52.28.79.158
02c0be8ea18d9ac937ddb0dcea4cad23e7696095fe56a9f38aeba239814c552a
065ae8d6415ca298562f5c7f3786440d51d4e628e08a2614c9c197af640b64c4
09a522a1fc71ebbf80ab0ae09f9e874fbf863c5f5f7f197b34445f6aaebefb2c
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
10d044443215522cdd4a8cdf3ac9b46a42dfc954dd51fec7ae4855785d442721
167f96e5a9332da2235f40ee2633f1a53bc89afd995d8b0d003a94c797752017
1b50eac8231fdc289964658846b29da4bec5ef01323d324d67f90de55d23541a
1c628077193ae85331c4e0e7e3e5b0880ca6bbfd9de1362431dd4ab36237cf56
1d195fd3492205bae48e031e5fbad1d8499068523e4ca28a8a732905d044d002
1f37e8194b97e0883770b446f97e826a255541de2de07caa769c471175b807d1
2f8c44d59686a646e29e67f464a88898f4adcacbdb8f133390532b7c57e4621c
36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665
37fe4b572e156670aa80ba9e07e56c8f7fcd0a6403d968328dd682b59275d06c
3f32c2d0f7b8e24b92d9fbb3648aa2ee8f2a305accb9546edec42ebbaf916e9b
405e7c66990e551a479b9aa4967f0a09d96a956bc459c146bf4179227649f2a6
40fe005a3ba25487d609b370cb24ad12d216d45a18d6479c8be0812bfc77f666
44268b882152f0d910c99228177e6846f5c1d16a278e2f92606303a09d48b515
445559777fbb22420974a46dfe56fb5835c40190c744a7e5c0b38a1460e7686f
49ba6f3066959b345670d5a6ae104d6d7a2a3345241bc7bb90612f2bacbd308a
515b982190d14c69309a7ad810d5982e4435ec6c0e9062df7c3b9f81c8c7599a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5955f24905a6804a1f809d25624e6dc9f984134f8fded5572a7626a295bd1eca
5b8adc7de4d864f70ec414fbccd56b359d2bbfe4238813ed51aab2a926b41370
67f1eca8635312802c60faf4e4dfd153fc4ca2db8969c0ed2c46b44899e278ad
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f632c84ef470429f789a4e5f7aeced487fae7c8a83ceafb7e742ec10496ca9f
6f7b2d975bcb2d8a1721b05614ee72f9e22b77e32e00e26acb4ab748e2dc994d
733fa0e2d88d598235c8ff3c94cd07c4771bfd7a5ec5b0659ab89d629737271e
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
800e98dd70ca738e694500ef7ace98c802dfc49a2261a6534e14f099b44f520f
86dc62e1a6301a1839dd51ba14b9e2de6eaeb36272620a4e4a7711539ad2113c
879be798349097969e182a91d5f93d548738293643c4f57be88d63c5790352e0
8be60f998334b5d1a29b101110926ee6fa4947231cf78c0c1982638b8e44e84a
91d5a5ddf80bdc23f981fd38247ee4b6c179a1df9c8b530b6db28225e3f9f037
924e0d2dcc114f266fcb20121b4c6e568281509a2d21391d6de91cfe175a024e
997b16fbbffed8b112b9ce3b018894a37d6b5d847e4ee559bdc31a39886701d6
9bd24c0670030a302f256a724124fb90cbc18b2ab523bdc5c806827c1823ae6e
9d9f9ebc18514be218b43569cd1b08250f718cc7e6c8c56f2520dec86ed1beff
9e8c3fd01ffb3997c93afd9e09b11fe66ab37ada7f083b280a1b372ca5a6671a
9efae5109f6cb6482e3299946c1d6ad38d74c5740883b3b36c6f91817ab5371d
a48aec07c97d0b435ea1432178f0fd6b950098fe6c31cc25737bff56d7170a3a
abe4ea2424cdaed8834843c5b9a05d8da6dc734cbbef28e1e50944e450c3577b
ac0deee4c6d1a3d777dd3b509c853673ad89e4b974c13b67e24cc0adeeb89723
ad043cbe9f18d405dabe8914b06ca0330e978a05755dbcd5c0f520744397c52f
b02dc332326f00549b6a1c258a2d96daa91b2083aebe4d991ae6635984fa9484
b239732ad459c20bb68d4632d638151b8fa6c889e45feaa5f5fb26ff0be45659
ba5248b834ad91c8b98c2d024e3272e470f16810b3cd0dd772907d530980690f
babe001d34f6a68189bf47b07f6df9fea7572fe8edc910a08e6011fd21b8cd0e
c5c0a8bbc16dfcb1edab334fdcc7c3c7e441a8da0c81b2139ab445fff5ce4283
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d2fb31b13937b4f1209e343fcc2367beef1d09ad819c1131ddc5d49fbcfe9278
db091352fcaa3462cce0ff4e640ff4e7c00fe32c076340c600f934498cc34ff3
dc7fc9cf4b1eecd151dfc037447c16a61f42797ebef4725ddc34dd55bdd78d42
dd67a2c615c4bce59788067e94ea0657c05c17dd306f007bbab916b543298838
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
ecfcc1c0cbc5d394e0f75a00b8b88c989e8c52ee916112c95e5ef9f14b4fbc1b
ed57be664c5d7b3abe4300497e47b081d4cef3b8e78b79cd13b49c810c0c9449
eee3aa9fa310203b2bb7c9053eaf814d320c047635bf504d06e6119562eb5ee9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12a152cb5cc404fb615bbdec1245fc6a39cca13bfc48067e22c95acb33304d5
f41869d240729907b19cb45a8a67ee75bba897e95b655279118ee10a2aa2d9c9
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f78c3a648c87c94f8fad6ce7fe12e7768c5f0460015589c9de5d12f0b3a9eac6
fae546ababb0117f4fc38362bbefe43df769fa7ea14768e8f69964d63f979387
fd02da2948fa6757e3276520949ae2f4497129bb84d87f1fb08bb4d7760071d4

educationbluemoon.com Open in urlscan Pro 18.65.39.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

99 %HTTPS

58 %IPv6

9 Domains

11 Subdomains

11 IPs

2 Countries

1672 kBTransfer

5414 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

educationbluemoon.com Open in urlscan Pro
18.65.39.81 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

99 %
HTTPS

58 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

1672 kB
Transfer

5414 kB
Size

0
Cookies

83 HTTP transactions
2 data transactions