findingauroraband.com
2606:4700:90:0:b518:199c:8a1f:d33b  Public Scan

Submitted URL: http://findingauroraband.com/
Effective URL: https://findingauroraband.com/
Submission: On April 04 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 32 HTTP transactions. The main IP is 2606:4700:90:0:b518:199c:8a1f:d33b, located in United States and belongs to CLOUDFLARENET, US. The main domain is findingauroraband.com.
TLS certificate: Issued by R3 on March 15th 2022. Valid for: 3 months.
This is the only time findingauroraband.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
9 | bndzgl.com | assets-production.bndzgl.com (Cisco Umbrella Rank: 187784) | 339 KB
6 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 344 KB
4 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 45) | 2 KB
4 | findingauroraband.com | findingauroraband.com | 15 KB
3 | google.com | www.google.com (Cisco Umbrella Rank: 7) | 23 KB
3 | zoogletools.net | stats.zoogletools.net (Cisco Umbrella Rank: 237743) | 1 KB
3 | cloudfront.net | d10j3mvrs1suex.cloudfront.net | 319 KB
1 | polyfill.io | polyfill.io (Cisco Umbrella Rank: 1370) | 609 B
Total: 32 requests, 8 domains

Requests | Domain | Requested by
9 | assets-production.bndzgl.com | findingauroraband.com, assets-production.bndzgl.com
4 | fonts.googleapis.com | findingauroraband.com, assets-production.bndzgl.com
4 | findingauroraband.com (1 redirects) | assets-production.bndzgl.com
3 | www.gstatic.com | www.google.com
3 | www.google.com | assets-production.bndzgl.com, www.gstatic.com, www.google.com
3 | stats.zoogletools.net | findingauroraband.com, stats.zoogletools.net
3 | fonts.gstatic.com | fonts.googleapis.com
3 | d10j3mvrs1suex.cloudfront.net | findingauroraband.com
1 | polyfill.io | findingauroraband.com
Total: 32 requests, 9 subdomains

Subject | Issuer | Validity | Valid
findingauroraband.com | R3 | 2022-03-15 - 2022-06-13 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-02 - 2022-06-01 | a year
upload.video.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
polyfill.io | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-03-08 - 2023-04-09 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.gstatic.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
stats.zoogletools.net | R3 | 2022-02-28 - 2022-05-29 | 3 months
www.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
*.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months

This page contains 2 frames:

Primary Page: https://findingauroraband.com/
Frame ID: 0566FD579BF8AE5E955A4A98AEE5A8C1
Requests: 31 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfxx4EUAAAAAIuk746FxFg6gj7Ytjx--6K2eaia&co=aHR0cHM6Ly9maW5kaW5nYXVyb3JhYmFuZC5jb206NDQz&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=a21s7p2am8x2
Frame ID: 29B7EA3D7076443232538CD9934A3C4B
Requests: 4 HTTP requests in this frame

Page Title

Finding Aurora

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

32 Requests
100 % HTTPS
89 % IPv6
8 Domains
9 Subdomains
10 IPs
3 Countries
1044 kB Transfer
2521 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://findingauroraband.com/ HTTP 301
    https://findingauroraband.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
findingauroraband.com/
Redirect Chain
  • http://findingauroraband.com/
  • https://findingauroraband.com/
46 KB
13 KB
Document
General
Full URL
https://findingauroraband.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:90:0:b518:199c:8a1f:d33b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
openresty /
Resource Hash
7bb1a87100feecd5df14cd233040c03dea2034b9d95d302f14ee0edb6d95d61c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
0
cache-control
max-age=0, public, s-maxage=31556952
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 02:06:40 GMT
etag
W/"e87d0ba82e47d9ad7b55024ad0bd41a9"
last-modified
Fri, 25 Mar 2022 16:56:16 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
openresty
strict-transport-security
max-age=604800
x-clacks-overhead
GNU Terry Pratchett
x-content-digest
22382c599811c9a90cc19c8576d25f5e23d313fc
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-rack-cache
miss, store
x-request-id
d3c7d6440ed6ef693f29df48353fb591 d3c7d6440ed6ef693f29df48353fb591
x-runtime
0.460078
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Apr 2022 02:06:39 GMT
Location
https://findingauroraband.com/
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
openresty
Transfer-Encoding
chunked
X-Clacks-Overhead
GNU Terry Pratchett
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none
X-Rack-Cache
miss
X-Request-Id
5d8c47714102fdb7d0c1fcf1c32a1243 5d8c47714102fdb7d0c1fcf1c32a1243
X-Runtime
0.033350
X-XSS-Protection
1; mode=block
application-6c590940cf90100bbc46f75500f7f7ff0c75ff9e878cd9f5f9cb33574b060c36.css
assets-production.bndzgl.com/assets/usersite/
319 KB
45 KB
Stylesheet
General
Full URL
https://assets-production.bndzgl.com/assets/usersite/application-6c590940cf90100bbc46f75500f7f7ff0c75ff9e878cd9f5f9cb33574b060c36.css
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c590940cf90100bbc46f75500f7f7ff0c75ff9e878cd9f5f9cb33574b060c36
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
278937
access-control-request-method
*
vary
Accept-Encoding
content-length
45499
x-xss-protection
1; mode=block
x-request-id
acc6cc61b5f463d3f48dcf2521e78642
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Thu, 31 Mar 2022 19:02:38 GMT
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
6f667c6f39609b33-FRA
expires
Thu, 01 Apr 2032 02:06:40 GMT
nosi-c0dea7d5.css
assets-production.bndzgl.com/packs/css/usersite/themes/
93 KB
9 KB
Stylesheet
General
Full URL
https://assets-production.bndzgl.com/packs/css/usersite/themes/nosi-c0dea7d5.css
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4c3adca82ea036b27e91ba5185928c5bef5bb3fe21f55e8496bb3c2244d6d1a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
294257
access-control-request-method
*
vary
Accept-Encoding
content-length
9563
x-xss-protection
1; mode=block
x-request-id
7ad5fc93728ee008b1431cac97459a9b
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Thu, 31 Mar 2022 15:57:06 GMT
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
6f667c6f39619b33-FRA
expires
Thu, 01 Apr 2032 02:06:40 GMT
stylesheet.css
assets-production.bndzgl.com/assets/fonts/455343249/23765/ScratchedLetters/
206 B
369 B
Stylesheet
General
Full URL
https://assets-production.bndzgl.com/assets/fonts/455343249/23765/ScratchedLetters/stylesheet.css
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a94e525f50c7ad230817036e8364e999302c63c32fe5deabc62ed7231ce5a1c0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:40 GMT
access-control-request-method
*
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
access-control-allow-origin
*
content-transfer-encoding
binary
content-disposition
inline; filename="stylesheet.css"; filename*=UTF-8''stylesheet.css
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-runtime
0.020514
x-clacks-overhead
GNU Terry Pratchett
server
cloudflare
x-frame-options
DENY
etag
W/"a94e525f50c7ad230817036e8364e999"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
x-download-options
noopen
content-type
text/css
pragma
no-cache
cache-control
public, max-age=315360000
content-security-policy
frame-ancestors 'self'
x-request-id
11244b79f372e3b93430676a3e33cd2f, 11244b79f372e3b93430676a3e33cd2f
cf-ray
6f667c6f39629b33-FRA
x-rack-cache
miss
expires
Thu, 01 Apr 2032 02:06:40 GMT
css2
fonts.googleapis.com/
1 KB
507 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Assistant:wght@600&display=swap
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dc56dd035d4f0516401c0cd77573e6cf7e2ef4d8446baefc82a11089126cc70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 02:06:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 02:06:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 02:06:40 GMT
css2
fonts.googleapis.com/
1 KB
936 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Assistant&display=swap
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50302ae4f0a16f3eccf5bcbd721714954f2454af3c6368976a08d79e87e3a7f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 01:32:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 02:06:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 02:06:40 GMT
css2
fonts.googleapis.com/
1 KB
484 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Assistant:wght@700&display=swap
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9229392ed2203aba5dcc6a2b4a747a7bdb4f7419d5382a8076ff59756ccb4ff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 02:06:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 02:06:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 02:06:40 GMT
polyfill.min.js
polyfill.io/v3/
101 B
609 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
fastly-original-body-size
94
age
214644
detected-user-agent
Chrome Mobile/100.0.4896
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Fri, 01 Apr 2022 14:04:13 GMT
date
Mon, 04 Apr 2022 02:06:40 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/100.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
application-c91bdd42359230ba87c6e78ded8c7b9f213e88092295a83a55906671b67d8487.js
assets-production.bndzgl.com/assets/usersite/
404 KB
130 KB
Script
General
Full URL
https://assets-production.bndzgl.com/assets/usersite/application-c91bdd42359230ba87c6e78ded8c7b9f213e88092295a83a55906671b67d8487.js
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c91bdd42359230ba87c6e78ded8c7b9f213e88092295a83a55906671b67d8487
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
209752
access-control-request-method
*
vary
Accept-Encoding
content-length
132070
x-xss-protection
1; mode=block
x-request-id
cd40d95aa7e235663efd60bd911a750f
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Fri, 01 Apr 2022 13:00:59 GMT
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
6f667c6f39649b33-FRA
expires
Thu, 01 Apr 2032 02:06:40 GMT
usersite-b9a93fb1c066a3c94757.js
assets-production.bndzgl.com/packs/js/
380 KB
76 KB
Script
General
Full URL
https://assets-production.bndzgl.com/packs/js/usersite-b9a93fb1c066a3c94757.js
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c39e78c671df865576a162eefc02360cee1a21004c1a4fe59b8798ac67b153a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
295155
access-control-request-method
*
vary
Accept-Encoding
content-length
77970
x-xss-protection
1; mode=block
x-request-id
cdfbe820f785719e0fb1ea5c05848ef9
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Wed, 30 Mar 2022 16:38:54 GMT
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
6f667c703a159b33-FRA
expires
Thu, 01 Apr 2032 02:06:40 GMT
usersite-4d1d7b67.css
assets-production.bndzgl.com/packs/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://assets-production.bndzgl.com/packs/css/usersite-4d1d7b67.css
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a7c6a263b07b6622ca12043c6081ce6143f25caf44395c64b9cc87a9a04041c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
295156
access-control-request-method
*
vary
Accept-Encoding
content-length
2524
x-xss-protection
1; mode=block
x-request-id
6023a3832252c08551404df0c6c69111
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Wed, 30 Mar 2022 16:38:55 GMT
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
6f667c6f39639b33-FRA
expires
Thu, 01 Apr 2032 02:06:40 GMT
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/u/528992/0703b066e684f12e88ef916e04c9cd1df43980cc/original/fa-firebug-14-1.jpg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/
306 KB
308 KB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/u/528992/0703b066e684f12e88ef916e04c9cd1df43980cc/original/fa-firebug-14-1.jpg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3000:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/26927321 (2022-03-31) / Express
Resource Hash
1fd6246e05b9e5fb2404fef2a8eecbea0d1c40d31a0dbd50815f1bdf70be0e31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:42 GMT
via
1.1 fly.io, 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
fly-request-id
01FZS5A80YWHWWCCED09EQVX1M-fra
server
Fly/26927321 (2022-03-31)
x-amz-cf-pop
FRA2-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-amz-cf-id
Uzc2CfNMkrESjFIoLYM-ZT6WjDOQN1n_9g-qQBK5PTOeKUemPtN7uw==
x-zoogle-commands
{"base":"u/528992/0703b066e684f12e88ef916e04c9cd1df43980cc/original/fa-firebug-14-1.jpg/!!/b:W1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/528992/0703b066e684f12e88ef916e04c9cd1df43980cc/original/fa-firebug-14-1.jpg","commands":[["resize",1800,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/u/528992/1bff2832995c836827a2acfdd5cab0ac6a88c5e2/small/fa-longsleeve-mockup.jpg/!!/
6 KB
7 KB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/u/528992/1bff2832995c836827a2acfdd5cab0ac6a88c5e2/small/fa-longsleeve-mockup.jpg/!!/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3000:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/26927321 (2022-03-31) / Express
Resource Hash
ebf6071c685f051425d541c80251d2ac680dbc7f59a924499cba44640fc8f103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:41 GMT
via
1.1 fly.io, 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
fly-request-id
01FZS5609TKVQQARSZGE5NQRGB-fra
server
Fly/26927321 (2022-03-31)
x-amz-cf-pop
FRA2-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-amz-cf-id
Nnal7jdL6P59jKgGDgZeBOf_ikPLvOailQ43y-XkKX8Z1hVgUdyDOQ==
x-zoogle-commands
{"base":"u/528992/1bff2832995c836827a2acfdd5cab0ac6a88c5e2/small/fa-longsleeve-mockup.jpg/!!/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/528992/1bff2832995c836827a2acfdd5cab0ac6a88c5e2/original/fa-longsleeve-mockup.jpg","commands":[["resize",[200,null,{"withoutEnlargement":true,"fit":"outside"}],null,{}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/u/528992/1bff2832995c836827a2acfdd5cab0ac6a88c5e2/mini/fa-longsleeve-mockup.jpg/!!/
4 KB
4 KB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/u/528992/1bff2832995c836827a2acfdd5cab0ac6a88c5e2/mini/fa-longsleeve-mockup.jpg/!!/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3000:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/26927321 (2022-03-31) / Express
Resource Hash
77b4e238d28daa0b8eac21302d4c0baa5bbcb307b63f594e55d8fa4ab99e714c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:41 GMT
via
1.1 fly.io, 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
fly-request-id
01FZS57KX036ER9Y647C0AT2PT-fra
server
Fly/26927321 (2022-03-31)
x-amz-cf-pop
FRA2-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-amz-cf-id
Nr2liroAp3xrnKKs9icx5AgKKSEjk0K5NgSBZ7YNE8aJTqj5j3SzCg==
x-zoogle-commands
{"base":"u/528992/1bff2832995c836827a2acfdd5cab0ac6a88c5e2/mini/fa-longsleeve-mockup.jpg/!!/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/528992/1bff2832995c836827a2acfdd5cab0ac6a88c5e2/original/fa-longsleeve-mockup.jpg","commands":[["resize",[100,100,{"fit":"outside"}],null,{}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css
assets-production.bndzgl.com/assets/
67 B
210 B
Stylesheet
General
Full URL
https://assets-production.bndzgl.com/assets/usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
5940648
access-control-request-method
*
vary
Accept-Encoding
content-length
81
x-xss-protection
1; mode=block
x-request-id
709329b80269fb4267f5b43380cbc93f
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Tue, 03 Aug 2021 13:05:16 GMT
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
6f667c706a4d9b33-FRA
expires
Thu, 01 Apr 2032 02:06:40 GMT
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/webp
css2
fonts.googleapis.com/
258 B
339 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@600&display=swap&text=0123456789
Requested by
Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/packs/css/usersite-4d1d7b67.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93ec0af6a75bee057b3bebdfb996133e6d2a6461191eb1bde6f962bf03305542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets-production.bndzgl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 01:33:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 02:06:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 02:06:40 GMT
ScratchedLetters.woff2
assets-production.bndzgl.com/assets/fonts/455343249/23765/ScratchedLetters/
58 KB
58 KB
Font
General
Full URL
https://assets-production.bndzgl.com/assets/fonts/455343249/23765/ScratchedLetters/ScratchedLetters.woff2
Requested by
Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/assets/fonts/455343249/23765/ScratchedLetters/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53153b767e90e7e7cce88780cd632a34a6f4ea9d951257465e13af9d92bdde1a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets-production.bndzgl.com/assets/fonts/455343249/23765/ScratchedLetters/stylesheet.css
Origin
https://findingauroraband.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:40 GMT
access-control-request-method
*
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
86830
content-transfer-encoding
binary
content-disposition
inline; filename="ScratchedLetters.woff2"; filename*=UTF-8''ScratchedLetters.woff2
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-runtime
0.066977
access-control-allow-origin
*
x-clacks-overhead
GNU Terry Pratchett
server
cloudflare
x-frame-options
DENY
etag
W/"53153b767e90e7e7cce88780cd632a34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
x-download-options
noopen
content-type
font/woff2
pragma
no-cache
cache-control
public, max-age=315360000
content-security-policy
frame-ancestors 'self'
x-request-id
b875c4ce7cb8b47a9e3c948d21a0f235, b875c4ce7cb8b47a9e3c948d21a0f235
cf-ray
6f667c709d749966-FRA
x-rack-cache
miss
expires
Thu, 01 Apr 2032 02:06:40 GMT
2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtuZnIGaV3w.woff2
fonts.gstatic.com/s/assistant/v15/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/assistant/v15/2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtuZnIGaV3w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Assistant&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25bc2a8b9a54af8f2d1b0aec422dec6166938362a370ecceeec92e4a4c64cdaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://findingauroraband.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 23:14:13 GMT
x-content-type-options
nosniff
age
442347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11284
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 23:14:13 GMT
2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtgFgIGaV3w.woff2
fonts.gstatic.com/s/assistant/v15/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/assistant/v15/2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtgFgIGaV3w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Assistant:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82627c4c21945e4eb45e62c8bb22dec73967bd1bd0214ee42724712a3d0e52ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://findingauroraband.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 01:42:19 GMT
x-content-type-options
nosniff
age
433461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11220
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:06:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 01:42:19 GMT
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/webp
font-icons-027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5.woff
assets-production.bndzgl.com/assets/
33 KB
17 KB
Font
General
Full URL
https://assets-production.bndzgl.com/assets/font-icons-027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5.woff
Requested by
Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/assets/usersite/application-6c590940cf90100bbc46f75500f7f7ff0c75ff9e878cd9f5f9cb33574b060c36.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets-production.bndzgl.com/assets/usersite/application-6c590940cf90100bbc46f75500f7f7ff0c75ff9e878cd9f5f9cb33574b060c36.css
Origin
https://findingauroraband.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:40 GMT
access-control-request-method
*
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
86830
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
869e25ce031fc8b97fb0d7775a51cf0a
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Fri, 21 Jan 2022 04:16:29 GMT
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
x-download-options
noopen
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-security-policy
frame-ancestors 'self'
cf-ray
6f667c709d779966-FRA
expires
Thu, 01 Apr 2032 02:06:40 GMT
2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtjhgIGaV3w.woff2
fonts.gstatic.com/s/assistant/v15/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/assistant/v15/2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtjhgIGaV3w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Assistant:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
689c20af02bab2d973d5be1ec59c0db23a441f464605573114e0c700cef694ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://findingauroraband.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 01:42:49 GMT
x-content-type-options
nosniff
age
433431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11240
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 01:42:49 GMT
stats.js
stats.zoogletools.net/
2 KB
1 KB
Script
General
Full URL
https://stats.zoogletools.net/stats.js?v=1
Requested by
Host: findingauroraband.com
URL: https://findingauroraband.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.44.78 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-44-78.ca-central-1.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
7f756b573409469d742597a0085c346279500765f809d3d074e408b914492488
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:41 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
last-modified
Thu, 16 Dec 2021 23:32:39 GMT
server
openresty/1.15.8.2
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
badge
findingauroraband.com/api/cart/
1 KB
1 KB
Fetch
General
Full URL
https://findingauroraband.com/api/cart/badge
Requested by
Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/packs/js/usersite-b9a93fb1c066a3c94757.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:90:0:b518:199c:8a1f:d33b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
openresty /
Resource Hash
f5f8cff4b618bcba4f59745c018d451fd46a9d3eed8b8eeb1c91384a664b6c98
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://findingauroraband.com/
X-CSRF-Token
dkg9If3R2CyEvWvChLLppClRTevjvURNwSckymRJbm62tWC/XEsq16OK5itofssjydoMXnlwIM7DaVdJtTzGWw==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/html

Response headers

date
Mon, 04 Apr 2022 02:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-runtime
0.078480
x-clacks-overhead
GNU Terry Pratchett
server
openresty
x-frame-options
DENY
etag
W/"f5f8cff4b618bcba4f59745c018d451f"
x-download-options
noopen
strict-transport-security
max-age=604800
content-type
text/html; charset=utf-8
pragma
no-cache
cache-control
no-cache, no-store
content-security-policy
frame-ancestors 'self'
x-request-id
cb9b310c42dc7f26c1f1db9afba528af, cb9b310c42dc7f26c1f1db9afba528af
x-rack-cache
miss
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.js
www.google.com/recaptcha/
884 B
1001 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lfxx4EUAAAAAIuk746FxFg6gj7Ytjx--6K2eaia
Requested by
Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/packs/js/usersite-b9a93fb1c066a3c94757.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
641e028043e25a852c3e29598bb6b92e9c79b3acf9fab02799182987c528aab4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
588
x-xss-protection
1; mode=block
expires
Mon, 04 Apr 2022 02:06:40 GMT
profile
findingauroraband.com/go/member/
17 B
600 B
Fetch
General
Full URL
https://findingauroraband.com/go/member/profile
Requested by
Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/packs/js/usersite-b9a93fb1c066a3c94757.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:90:0:b518:199c:8a1f:d33b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
openresty /
Resource Hash
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://findingauroraband.com/
X-CSRF-Token
dkg9If3R2CyEvWvChLLppClRTevjvURNwSckymRJbm62tWC/XEsq16OK5itofssjydoMXnlwIM7DaVdJtTzGWw==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/json

Response headers

date
Mon, 04 Apr 2022 02:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-runtime
0.034296
x-clacks-overhead
GNU Terry Pratchett
server
openresty
x-frame-options
DENY
etag
W/"06e5f7e2d702e0110271dd33c198e1f3"
x-download-options
noopen
strict-transport-security
max-age=604800
content-type
application/json; charset=utf-8
pragma
no-cache
cache-control
no-cache, no-store
content-security-policy
frame-ancestors 'self'
x-request-id
d6789b9a3312c77d7782e97031461fbd, d6789b9a3312c77d7782e97031461fbd
x-rack-cache
miss
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/
362 KB
144 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lfxx4EUAAAAAIuk746FxFg6gj7Ytjx--6K2eaia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://findingauroraband.com/
Origin
https://findingauroraband.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sun, 03 Apr 2022 21:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146406
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 03 Apr 2023 21:40:02 GMT
visits
stats.zoogletools.net/
0
0
Fetch
General
Full URL
https://stats.zoogletools.net/visits
Requested by
Host: stats.zoogletools.net
URL: https://stats.zoogletools.net/stats.js?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.44.78 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-44-78.ca-central-1.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://findingauroraband.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Apr 2022 02:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
x-request-id
3f67f59f6ad263a9c9d6952fb9f421b9
x-runtime
0.011415
referrer-policy
strict-origin-when-cross-origin
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
no-cache
visits
stats.zoogletools.net/ Frame
0
0
Preflight
General
Full URL
https://stats.zoogletools.net/visits
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.44.78 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-44-78.ca-central-1.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://findingauroraband.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
date
Mon, 04 Apr 2022 02:06:41 GMT
server
openresty/1.15.8.2
strict-transport-security
max-age=15724800; includeSubDomains
anchor
www.google.com/recaptcha/api2/ Frame 29B7
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfxx4EUAAAAAIuk746FxFg6gj7Ytjx--6K2eaia&co=aHR0cHM6Ly9maW5kaW5nYXVyb3JhYmFuZC5jb206NDQz&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=a21s7p2am8x2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8cdeb8306861b6b98cf8782ed1047c66de29a0333af50df7e9bf7dd8a23867f1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RU0CnYLcxfbdBlmetkvnXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://findingauroraband.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22019
content-security-policy
script-src 'report-sample' 'nonce-RU0CnYLcxfbdBlmetkvnXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 02:06:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame 29B7
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfxx4EUAAAAAIuk746FxFg6gj7Ytjx--6K2eaia&co=aHR0cHM6Ly9maW5kaW5nYXVyb3JhYmFuZC5jb206NDQz&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=a21s7p2am8x2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 16:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 16:07:12 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame 29B7
362 KB
143 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfxx4EUAAAAAIuk746FxFg6gj7Ytjx--6K2eaia&co=aHR0cHM6Ly9maW5kaW5nYXVyb3JhYmFuZC5jb206NDQz&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=a21s7p2am8x2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sun, 03 Apr 2022 21:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146406
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 03 Apr 2023 21:40:02 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 29B7
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfxx4EUAAAAAIuk746FxFg6gj7Ytjx--6K2eaia&co=aHR0cHM6Ly9maW5kaW5nYXVyb3JhYmFuZC5jb206NDQz&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=a21s7p2am8x2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
51540e98209e949f0a7f01c1332f6bf5dfe526adeaabe2705f42184d721f90b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfxx4EUAAAAAIuk746FxFg6gj7Ytjx--6K2eaia&co=aHR0cHM6Ly9maW5kaW5nYXVyb3JhYmFuZC5jb206NDQz&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=a21s7p2am8x2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 04 Apr 2022 02:06:41 GMT


65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| Carousel function| onYouTubePlayerAPIReady function| refresh object| zoogle object| zgl function| $ function| jQuery object| I18n function| EventEmitter object| eventie function| imagesLoaded function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| Handlebars object| html5 object| Modernizr object| picturefillCFG function| picturefill object| themeJsManager object| skrollr function| addResizeListener function| removeResizeListener function| Waypoint function| YT_ready function| onYouTubeIframeAPIReady object| jQuery1124075702641153838 function| doTextFit object| Rails boolean| _rails_loaded object| webpackJsonp boolean| SM2_DEFER function| SoundManager object| soundManager object| regeneratorRuntime boolean| captchaIsLoading boolean| captchaIsReady object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions object| _zaq undefined| dntStatus boolean| dontTrack boolean| inEditor function| forceRedraw function| toggleIntroPage function| toggleHideNavigationMenu function| updateCanonicalUrl object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_257953

3 Cookies

Domain/Path Name / Value
findingauroraband.com/ Name: guid
Value: 37ed4c16-c5c4-4a4f-ae5c-fce1dca38d1e
findingauroraband.com/ Name: uid_517861
Value: 1
findingauroraband.com/ Name: sid_517861
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
