www.playphrase.me Open in urlscan Pro
191.96.97.118  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.playphrase.me/	13 KB 14 KB	459ms 222ms	Document text/html	191.96.97.118 ASDETUK www.hefic...
General Check archive.org Show headers Download Go to Full URL https://www.playphrase.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.96.97.118 Chicago, United States, ASN61317 (ASDETUK www.heficed.com, GB), Reverse DNS Software nginx / Resource Hash dc2d8daef31780b0b89dd03029b4e55e29836d1ab21a8c4c55f8397f59f8dea7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx Date Sun, 05 Dec 2021 14:18:20 GMT Content-Type text/html;charset=utf-8 Content-Length 13482 Connection keep-alive Access-Control-Allow-Origin * X-XSS-Protection 1; mode=block X-Frame-Options SAMEORIGIN X-Content-Type-Options nosniff
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/	152 KB 25 KB	53ms 24ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.playphrase.me/ Origin https://www.playphrase.me Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 05 Dec 2021 14:18:21 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 601, 617, 617 age 19552560 cdn-cachedat 2021-04-23 08:46:12 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:08 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid cd11a749dbbd9cfbffeca11ead769d45 cf-ray 6b8de73a7eac2c4e-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H2	200	all.css use.fontawesome.com/releases/v5.7.2/css/	53 KB 12 KB	62ms 20ms	Stylesheet text/css	2606:4700:3031::ac43:d645 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.7.2/css/all.css Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf Request headers Referer https://www.playphrase.me/ Origin https://www.playphrase.me Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 05 Dec 2021 14:18:21 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 13111832 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id FKYES3TQ1AV7Y7KE x-amz-id-2 HdbOV8Mvb7SAyRoi1VL4IwGsUAWOHv0xnzINUWTY7t1ZJG4EdSEsGEVvRHUlEjVbytWpDAMSwnA= last-modified Wed, 30 Jun 2021 15:45:57 GMT server cloudflare etag W/"7b1d7f457d056ace7b230b587b9f3753" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gX%2Fo8oLYWAz6DzeXu7U2PY70XOgXVDaqJ1cMptwrfAqE%2B%2FgXv6R8FgIs6MKM9hKRg31QEPrX1nwYc8vlRpDuXJAxb9DGGINb9VUYEiNA1u4UTJDDSueVUNjIPJXSFzAvWux2nUTOMkn3MgrIdLotzHPf"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 6b8de73a883ed6d9-FRA
GET H/1.1	200 OK	screen.css www.playphrase.me/css/	17 KB 17 KB	108ms 108ms	Stylesheet text/css	191.96.97.118 ASDETUK www.hefic...
General Check archive.org Show headers Download Go to Full URL https://www.playphrase.me/css/screen.css Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.96.97.118 Chicago, United States, ASN61317 (ASDETUK www.heficed.com, GB), Reverse DNS Software nginx / Resource Hash e2192276ea479b92ef6cd630065eca1dd2ecbbba1e6d82668ea0f07048efe1f4 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.playphrase.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 05 Dec 2021 14:18:21 GMT X-Content-Type-Options nosniff Last-Modified Wed, 10 Nov 2021 11:41:22 GMT Server nginx X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Connection keep-alive Content-Length 17226 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	modal-image.css www.playphrase.me/css/	2 KB 2 KB	217ms 107ms	Stylesheet text/css	191.96.97.118 ASDETUK www.hefic...
General Check archive.org Show headers Download Go to Full URL https://www.playphrase.me/css/modal-image.css Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.96.97.118 Chicago, United States, ASN61317 (ASDETUK www.heficed.com, GB), Reverse DNS Software nginx / Resource Hash fea457a81322fcc788e2fdc7f9b4a7c55d4691f10fa6f0704ddd7615151c1f1e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.playphrase.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 05 Dec 2021 14:18:21 GMT X-Content-Type-Options nosniff Last-Modified Wed, 10 Nov 2021 11:41:22 GMT Server nginx X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Connection keep-alive Content-Length 1679 X-XSS-Protection 1; mode=block
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	32ms 14ms	Stylesheet text/css	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.playphrase.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 05 Dec 2021 14:18:21 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2037961 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5631 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bdidi6vy23XRtULyh0OJMUSwD3U7p%2BbbUPApaSUZRgBv%2BZcuSVJGup4kbdOz4YMjLhMcBmCDs%2BVTKNjipf%2BFQJvqudfWQNh4kC4FdCKYr59yW%2F0769lJSdZgO3tdXKdGz3ophxlDrGc0xUeHTpqI57qS"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6b8de73a59cb4ec2-FRA expires Fri, 25 Nov 2022 14:18:21 GMT
GET H2	200	css fonts.googleapis.com/	24 KB 1 KB	41ms 18ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1bf5b1b16e02956377f2b4a2dda9eea5c5a4d1488137b2be48b3abc6b354090d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.playphrase.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 05 Dec 2021 13:47:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 05 Dec 2021 14:18:21 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 05 Dec 2021 14:18:21 GMT
GET H2	200	css fonts.googleapis.com/	398 B 820 B	39ms 16ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Gloria+Hallelujah Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 802f6e4b72cb590a3dfca6f57d7239bb89103daba9e39230147bede60f334d61 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.playphrase.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 05 Dec 2021 13:35:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 05 Dec 2021 14:18:21 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 05 Dec 2021 14:18:21 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 696 B	39ms 16ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2dc6d84e399fcbfe21a4f42da720561e4a9001cf8f7eb2ac3146643316309846 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.playphrase.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 05 Dec 2021 14:18:21 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 05 Dec 2021 14:18:21 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 05 Dec 2021 14:18:21 GMT
GET H/1.1	200 OK	iphone-inline-video.min.js Show response www.playphrase.me/js/	4 KB 4 KB	319ms 107ms	Script text/javascript	191.96.97.118 ASDETUK www.hefic...
General Check archive.org Show headers Download Go to Full URL https://www.playphrase.me/js/iphone-inline-video.min.js Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.96.97.118 Chicago, United States, ASN61317 (ASDETUK www.heficed.com, GB), Reverse DNS Software nginx / Resource Hash 5dbc0df78793896ae6a870300e65de3da985a9e92014eb255ec98f043707ee33 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.playphrase.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 05 Dec 2021 14:18:21 GMT X-Content-Type-Options nosniff Last-Modified Wed, 10 Nov 2021 11:41:22 GMT Server nginx X-Frame-Options SAMEORIGIN Content-Type text/javascript; charset=utf-8 Connection keep-alive Content-Length 4086 X-XSS-Protection 1; mode=block
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	42ms 20ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-56061701-1 Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5777b8e40fa5136f16de6c3c3c327ed1a7bfad216b7a4769b34fe2d2e49e3555 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.playphrase.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 05 Dec 2021 14:18:21 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36229 x-xss-protection 0 last-modified Sun, 05 Dec 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 05 Dec 2021 14:18:21 GMT
GET H/1.1	200 OK	app.js Show response www.playphrase.me/js/	1 MB 1 MB	425ms 213ms	Script text/javascript	191.96.97.118 ASDETUK www.hefic...
General Check archive.org Show headers Download Go to Full URL https://www.playphrase.me/js/app.js?r=13829598 Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.96.97.118 Chicago, United States, ASN61317 (ASDETUK www.heficed.com, GB), Reverse DNS Software nginx / Resource Hash b03b3479fdbe146e2e825588b7750e7376b6742aa8403c43bf8d9741b6e9501f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.playphrase.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 05 Dec 2021 14:18:21 GMT X-Content-Type-Options nosniff Last-Modified Wed, 10 Nov 2021 11:41:22 GMT Server nginx X-Frame-Options SAMEORIGIN Content-Type text/javascript; charset=utf-8 Connection keep-alive Content-Length 1158856 X-XSS-Protection 1; mode=block
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	16 KB 16 KB	30ms 8ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.playphrase.me Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 01 Dec 2021 05:33:18 GMT x-content-type-options nosniff age 377103 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 01 Dec 2022 05:33:18 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 fonts.gstatic.com/s/roboto/v29/	10 KB 10 KB	35ms 15ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.playphrase.me Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 01 Dec 2021 11:06:27 GMT x-content-type-options nosniff age 357114 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9776 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:26 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 01 Dec 2022 11:06:27 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	32ms 13ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.playphrase.me Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 01 Dec 2021 15:45:42 GMT x-content-type-options nosniff age 340359 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 01 Dec 2022 15:45:42 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	29ms 6ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-56061701-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.playphrase.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 4635 date Sun, 05 Dec 2021 13:01:07 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sun, 05 Dec 2021 15:01:07 GMT
GET H2	200	LYjYdHv3kUk9BMV96EIswT9DIbW-MIS11zM.woff2 fonts.gstatic.com/s/gloriahallelujah/v12/	18 KB 18 KB	8ms 6ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/gloriahallelujah/v12/LYjYdHv3kUk9BMV96EIswT9DIbW-MIS11zM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Gloria+Hallelujah Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8ed71d9367b33bcbc1bfd1a6e92cd57d7245c06a2f3917931cf0ef3a04ba7713 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.playphrase.me Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 23:10:08 GMT x-content-type-options nosniff age 400094 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18692 x-xss-protection 0 last-modified Tue, 01 Sep 2020 04:37:27 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 30 Nov 2022 23:10:08 GMT
GET H2	200	fa-regular-400.woff2 use.fontawesome.com/releases/v5.7.2/webfonts/	13 KB 14 KB	17ms 17ms	Font font/woff2	2606:4700:3031::ac43:d645 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-regular-400.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 940b3908bf9fc263ff7a9640fd719a1a3ecca9e1224e9ce4758053fa01edbcc0 Request headers Referer https://use.fontawesome.com/releases/v5.7.2/css/all.css Origin https://www.playphrase.me Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 05 Dec 2021 14:18:22 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3241986 cf-ray 6b8de7415a26d6d9-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 13592 x-amz-id-2 Jud4kDdNgD+Rb4UGlvTN5TuVKIjvTRmZZUP4PBkt9nX7lKHX3P1uO3cDHkYoFy8Tg2kqOdElzDw= last-modified Wed, 30 Jun 2021 15:46:18 GMT server cloudflare etag "65779ebcc35604a25c2ba77309c5b8af" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKcS1e4cB%2FPD%2FEsAeDeGI2tOMStjGz36bu4uxQ9KeczZy7Ev%2F75WqGmu9RZAudnzLv3vtvJJaS8lesqgiI99a32A%2FD8HB0eiq9v5l37us%2FZHCpAxm%2FYyjmJ9QezQHlOWPS0unMBbdhhFDgCZ8cyyn3aE"}],"group":"cf-nel","max_age":604800} x-amz-request-id 6V8DJ7S1XP92BRTX access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes content-type font/woff2
GET H2	200	fa-brands-400.woff2 use.fontawesome.com/releases/v5.7.2/webfonts/	70 KB 71 KB	18ms 17ms	Font font/woff2	2606:4700:3031::ac43:d645 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-brands-400.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e Request headers Referer https://use.fontawesome.com/releases/v5.7.2/css/all.css Origin https://www.playphrase.me Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 05 Dec 2021 14:18:22 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 13111672 cf-ray 6b8de7415a29d6d9-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 72112 x-amz-id-2 isO9aBlI9BjdfXNY+3V1RBH4n0k/BWSxy+tLf3Tn5gASgAN+noRg5MbyJGG6yaksW0dIyCRNIb4= last-modified Wed, 30 Jun 2021 15:46:18 GMT server cloudflare etag "4b115e1153a9ea339d6a0bb284cc8ed3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGPOk7NZXvaKrciTe37SCpEZBJtD2BV9zWA3UnBs2sBYdPmPrW%2BuNRF43sS6%2FgM1NJ2k0bqO0HGMC6XYAcqh3Y7ZyIdHofQpGVm9IgDYHrWMC6EHdzXOTHAZESFUcMjjITX%2Bb2VBjNjhl1g%2BkmF04hiq"}],"group":"cf-nel","max_age":604800} x-amz-request-id RWANKSA9NY1W0SZB access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes content-type font/woff2
GET H2	200	gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2 fonts.gstatic.com/s/materialiconsoutlined/v92/	143 KB 143 KB	9ms 9ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialiconsoutlined/v92/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 32738b648d59e35c15da826e765b97b3a6fb06f90536d94477a72ac6d6516538 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.playphrase.me Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 21:13:57 GMT x-content-type-options nosniff age 407065 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 145924 x-xss-protection 0 last-modified Tue, 30 Nov 2021 20:49:40 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 30 Nov 2022 21:13:57 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	8ms 8ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.playphrase.me Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 20:07:55 GMT x-content-type-options nosniff age 411027 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 30 Nov 2022 20:07:55 GMT
GET H/1.1	200 OK	all-phrases-count Show response www.playphrase.me/api/v1/phrases/	7 B 396 B	107ms 107ms	XHR application/json	191.96.97.118 ASDETUK www.hefic...
General Check archive.org Show headers Download Go to Full URL https://www.playphrase.me/api/v1/phrases/all-phrases-count Requested by Host: www.playphrase.me URL: https://www.playphrase.me/js/app.js?r=13829598 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.96.97.118 Chicago, United States, ASN61317 (ASDETUK www.heficed.com, GB), Reverse DNS Software nginx / Resource Hash e22431fc84e033c6df1a88e6d19873b120eb211322e130f9836a57d9a4122885 Request headers Accept json Referer https://www.playphrase.me/ X-Csrf-Token cmf6ALYjeK3Xxi1Wobc1dIitdPqz+IjROylUqKHePZ+HQCkfROzIedaKmgSWlbgJogBBpd5HpkcmvFLF Accept-Language de-DE,de;q=0.9 Authorization Token User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type json Response headers Date Sun, 05 Dec 2021 14:18:22 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Access-Control-Allow-Methods GET, PUT, PATCH, POST, DELETE, OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Access-Control-Allow-Headers Authorization, Content-Type Content-Length 27
GET H/1.1	200 OK	search Show response www.playphrase.me/api/v1/phrases/	18 KB 3 KB	114ms 114ms	XHR application/json	191.96.97.118 ASDETUK www.hefic...
General Check archive.org Show headers Download Go to Full URL https://www.playphrase.me/api/v1/phrases/search?q=certain&limit=10&platform=desktop%20safari&skip=0 Requested by Host: www.playphrase.me URL: https://www.playphrase.me/js/app.js?r=13829598 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.96.97.118 Chicago, United States, ASN61317 (ASDETUK www.heficed.com, GB), Reverse DNS Software nginx / Resource Hash 6adcf85bc5198274eac897605bf2845ba2d5bf281ad903bba7719fcc7287abe5 Request headers Accept json Referer https://www.playphrase.me/ X-Csrf-Token cmf6ALYjeK3Xxi1Wobc1dIitdPqz+IjROylUqKHePZ+HQCkfROzIedaKmgSWlbgJogBBpd5HpkcmvFLF Accept-Language de-DE,de;q=0.9 Authorization Token User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type json Response headers Date Sun, 05 Dec 2021 14:18:22 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Access-Control-Allow-Methods GET, PUT, PATCH, POST, DELETE, OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Access-Control-Allow-Headers Authorization, Content-Type Content-Length 2688
GET H/1.1	200 OK	apple-store-button@1x.png www.playphrase.me/img/	43 KB 43 KB	214ms 214ms	Image image/png	191.96.97.118 ASDETUK www.hefic...
General Check archive.org Show headers Download Go to Show image Full URL https://www.playphrase.me/img/apple-store-button@1x.png Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.96.97.118 Chicago, United States, ASN61317 (ASDETUK www.heficed.com, GB), Reverse DNS Software nginx / Resource Hash 43b0b2c7393b230ef2e709b4657ab8f6f87af67b7f3591a3f0faec5c29ce38f0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.playphrase.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 05 Dec 2021 14:18:22 GMT X-Content-Type-Options nosniff Last-Modified Wed, 10 Nov 2021 11:41:22 GMT Server nginx X-Frame-Options SAMEORIGIN Content-Type image/png Connection keep-alive Content-Length 43684 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	google-play-button@1x.png www.playphrase.me/img/	41 KB 42 KB	213ms 213ms	Image image/png	191.96.97.118 ASDETUK www.hefic...
General Check archive.org Show headers Download Go to Show image Full URL https://www.playphrase.me/img/google-play-button@1x.png Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.96.97.118 Chicago, United States, ASN61317 (ASDETUK www.heficed.com, GB), Reverse DNS Software nginx / Resource Hash 354d551557df187ae0ee4abb4d79009c7abd790a5bc8fb6f4fd83bc7266ff96d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.playphrase.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 05 Dec 2021 14:18:22 GMT X-Content-Type-Options nosniff Last-Modified Wed, 10 Nov 2021 11:41:22 GMT Server nginx X-Frame-Options SAMEORIGIN Content-Type image/png Connection keep-alive Content-Length 42369 X-XSS-Protection 1; mode=block
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	28ms 14ms	XHR text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2118107117&t=pageview&_s=1&dl=https%3A%2F%2Fwww.playphrase.me%2F&ul=en-us&de=UTF-8&dt=PlayPhrase.me%3A%20Site%20for%20cinema%20archaeologists.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1714153325&gjid=1878779631&cid=774647814.1638713902&tid=UA-56061701-1&_gid=654062950.1638713902&_r=1&gtm=2ouc10&z=387593467 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.playphrase.me/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 05 Dec 2021 14:18:22 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.playphrase.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	common-phrases Show response www.playphrase.me/api/v1/phrases/	362 B 518 B	113ms 113ms	XHR application/json	191.96.97.118 ASDETUK www.hefic...
General Check archive.org Show headers Download Go to Full URL https://www.playphrase.me/api/v1/phrases/common-phrases?q=certain Requested by Host: www.playphrase.me URL: https://www.playphrase.me/js/app.js?r=13829598 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.96.97.118 Chicago, United States, ASN61317 (ASDETUK www.heficed.com, GB), Reverse DNS Software nginx / Resource Hash 010cdee0e209febd465995f6fe7dbd986286b0b234a1192ccb4609df5999c2d4 Request headers Accept json Referer https://www.playphrase.me/ X-Csrf-Token cmf6ALYjeK3Xxi1Wobc1dIitdPqz+IjROylUqKHePZ+HQCkfROzIedaKmgSWlbgJogBBpd5HpkcmvFLF Accept-Language de-DE,de;q=0.9 Authorization Token User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type json Response headers Date Sun, 05 Dec 2021 14:18:22 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Access-Control-Allow-Methods GET, PUT, PATCH, POST, DELETE, OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Access-Control-Allow-Headers Authorization, Content-Type Content-Length 148
GET H/1.1	206 Partial Content	5e8b8f0c24aa9a0025d1d36c.mp4 video.playphrase.me/5b1831e28079eb4cd4a48f13/	464 KB 0	554ms 214ms	Media video/mp4	191.96.97.10 ASDETUK www.hefic...
General Check archive.org Show headers Download Go to Full URL https://video.playphrase.me/5b1831e28079eb4cd4a48f13/5e8b8f0c24aa9a0025d1d36c.mp4 Requested by Host: www.playphrase.me URL: https://www.playphrase.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.96.97.10 Chicago, United States, ASN61317 (ASDETUK www.heficed.com, GB), Reverse DNS Software nginx / Express Resource Hash Request headers Referer https://www.playphrase.me/ Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Range bytes=0- Response headers Date Sun, 05 Dec 2021 14:18:22 GMT Server nginx X-Powered-By Express Content-Type video/mp4 Content-Range bytes 0-743915/743916 Connection keep-alive Accept-Ranges bytes Content-Length 743916
GET H/1.1	200 OK	video-view Show response www.playphrase.me/api/v1/phrases/	4 B 393 B	108ms 107ms	XHR application/json	191.96.97.118 ASDETUK www.hefic...
General Check archive.org Show headers Download Go to Full URL https://www.playphrase.me/api/v1/phrases/video-view?video-id=5e8b8f0c24aa9a0025d1d36c&platform=desktop%20safari Requested by Host: www.playphrase.me URL: https://www.playphrase.me/js/app.js?r=13829598 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.96.97.118 Chicago, United States, ASN61317 (ASDETUK www.heficed.com, GB), Reverse DNS Software nginx / Resource Hash 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3 Request headers Accept json Referer https://www.playphrase.me/ X-Csrf-Token cmf6ALYjeK3Xxi1Wobc1dIitdPqz+IjROylUqKHePZ+HQCkfROzIedaKmgSWlbgJogBBpd5HpkcmvFLF Accept-Language de-DE,de;q=0.9 Authorization Token User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type json Response headers Date Sun, 05 Dec 2021 14:18:22 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Access-Control-Allow-Methods GET, PUT, PATCH, POST, DELETE, OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Access-Control-Allow-Headers Authorization, Content-Type Content-Length 24

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| enableInlineVideo string| context string| csrfToken string| loginLink boolean| searchOnMobile string| searchedPhrase function| gtag object| dataLayer object| google_tag_manager object| React function| createReactClass object| ReactDOM object| __core-js_shared__ function| XRegExp object| reagent object| playphraseme object| markdown object| closure_memoize_cache_ object| closure_lm_587700 object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.playphrase.me/	1969-12-31 23:59:59	Name: ring-session Value: e3becd35-79fb-4ba4-a610-4df25c3094b3
			.playphrase.me/	1970-01-20 16:43:05	Name: _ga Value: GA1.2.774647814.1638713902
			.playphrase.me/	1970-01-19 23:13:20	Name: _gid Value: GA1.2.654062950.1638713902
			.playphrase.me/	1970-01-19 23:11:53	Name: _gat_gtag_UA_56061701_1 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
stackpath.bootstrapcdn.com
use.fontawesome.com
video.playphrase.me
www.google-analytics.com
www.googletagmanager.com
www.playphrase.me
191.96.97.10
191.96.97.118
2606:4700:3031::ac43:d645
2606:4700::6810:135e
2606:4700::6812:bcf
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:809::2008
2a00:1450:4001:82f::200a
010cdee0e209febd465995f6fe7dbd986286b0b234a1192ccb4609df5999c2d4
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1bf5b1b16e02956377f2b4a2dda9eea5c5a4d1488137b2be48b3abc6b354090d
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2dc6d84e399fcbfe21a4f42da720561e4a9001cf8f7eb2ac3146643316309846
32738b648d59e35c15da826e765b97b3a6fb06f90536d94477a72ac6d6516538
354d551557df187ae0ee4abb4d79009c7abd790a5bc8fb6f4fd83bc7266ff96d
43b0b2c7393b230ef2e709b4657ab8f6f87af67b7f3591a3f0faec5c29ce38f0
5777b8e40fa5136f16de6c3c3c327ed1a7bfad216b7a4769b34fe2d2e49e3555
5dbc0df78793896ae6a870300e65de3da985a9e92014eb255ec98f043707ee33
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6adcf85bc5198274eac897605bf2845ba2d5bf281ad903bba7719fcc7287abe5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
802f6e4b72cb590a3dfca6f57d7239bb89103daba9e39230147bede60f334d61
8ed71d9367b33bcbc1bfd1a6e92cd57d7245c06a2f3917931cf0ef3a04ba7713
940b3908bf9fc263ff7a9640fd719a1a3ecca9e1224e9ce4758053fa01edbcc0
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b03b3479fdbe146e2e825588b7750e7376b6742aa8403c43bf8d9741b6e9501f
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
dc2d8daef31780b0b89dd03029b4e55e29836d1ab21a8c4c55f8397f59f8dea7
e2192276ea479b92ef6cd630065eca1dd2ecbbba1e6d82668ea0f07048efe1f4
e22431fc84e033c6df1a88e6d19873b120eb211322e130f9836a57d9a4122885
fea457a81322fcc788e2fdc7f9b4a7c55d4691f10fa6f0704ddd7615151c1f1e