dysterrauniverse.com Open in urlscan Pro
2606:4700:3035::6815:4af7  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response dysterrauniverse.com/Login/Promocode/	11 KB 4 KB	843ms 822ms	Document text/html	2606:4700:3035::6815:4af7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:4af7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3bb03df0421f1cd7b16a819f5a15b1109ce1f1dc2332ae21372e1bcb2e27aa9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 01 Feb 2022 04:58:50 GMT content-type text/html; charset=utf-8 access-control-allow-origin * expect-ct max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster global cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFeAQxmjvAR1Uuj9C1Z2T9zdShTR8S%2Bxc8jHP4q8lFBbl39X%2BqhkhrDJNE2kOSnX%2FoEpNNjMMDaCOdcqrbqbAyIqe1PxdIvjZlvMo83X8VaAKyGozku52HbKcyBXdtPt1QmxjqqjeFLu%2FYq2y4%2FEF8zjtg%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6d689b596c319186-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	166ms 65ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-101121674-3 Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8a6a261e8baf9a89164dc2fbc4a1b18d603629a3471482e0cbd0d200398b05f3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dysterrauniverse.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36111 x-xss-protection 0 last-modified Tue, 01 Feb 2022 03:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 01 Feb 2022 04:58:50 GMT
GET H2	200	css2 fonts.googleapis.com/	34 KB 2 KB	164ms 64ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Rajdhani:wght@300;400;500;600;700&display=swap Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 666d40c07bac862eff579b42da62fcef82b1f394e0c5769749d1f18fba258042 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dysterrauniverse.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 01 Feb 2022 04:58:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 01 Feb 2022 04:58:50 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 01 Feb 2022 04:58:50 GMT
GET H2	200	all.css use.fontawesome.com/releases/v5.0.13/css/	40 KB 10 KB	247ms 229ms	Stylesheet text/css	2606:4700:3037::6815:4e07 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.13/css/all.css Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e Request headers Referer https://dysterrauniverse.com/ Origin https://dysterrauniverse.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id WJV79DF8SM8KGTA9 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 u0OAeE4dsRgEiDRdy9CqbXlML7mg+KHZCayKuc/TBmeoa3AfE7c7jPOdz7tnJlM4edcctLq5Hl8= last-modified Wed, 30 Jun 2021 15:27:31 GMT server cloudflare etag W/"d61bfe9b56c13ecff5313ee3abb45e8b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3Qx3KINyh5yYnqGPgEwmhvetZqVIl51plTV1fEay6i%2B%2BR92tjDNT8pPfEGuRlvmD6rRaCKlEbjbkGMhLjBbnw1hCgti3OJj06no8wQtxAvD%2BpMscxC3q%2Fyxxh%2FaLqlVYQ8UqvJ3FShKr8A5%2FZoE6yCW"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 6d689b5f1fdd9030-FRA
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/	156 KB 25 KB	33ms 16ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dysterrauniverse.com/ Origin https://dysterrauniverse.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 617 age 38727 cdn-cachedat 10/15/2021 16:16:32 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.0 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:09 GMT server cloudflare cdn-requestpullcode 200 etag W/"7cc40c199d128af6b01e74a28c5900b0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 2c2f2b620389b7c6265c9161d6551620 cdn-requestcountrycode US cf-ray 6d689b5f1e15902e-FRA cdn-cache HIT cdn-status 200 cdn-requestpullsuccess True
GET H2	200	app.css dysterrauniverse.com/css/	178 KB 26 KB	48ms 47ms	Stylesheet text/css	2606:4700:3035::6815:4af7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dysterrauniverse.com/css/app.css Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:4af7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d8ecee831ad7efa04acc41664dbe3c2e1604d8fd4f7283b8f7163444d5a63ee Request headers Accept-Language de-DE,de;q=0.9 Referer https://dysterrauniverse.com/Login/Promocode/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1697 replit-cluster global alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 01 Feb 2022 04:30:33 GMT server cloudflare expect-ct max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKW4n10yFgVbHiYwKZrcHrQTNtuAWu1feHzmspbjWZZQnQm2nf0lzG84ZrVhxsK%2BidFH9UpqkOnDJfGzjmwrvgkSGbTtDiF70Kss0AFlFBJtqA5dTDKxgH2sGA7TWfeb5qxZntVPcoBxNbb8x1hQJzMA6g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 6d689b5f0daf9186-FRA
GET H2	200	logo.png dysterrauniverse.com/img/	1 MB 1 MB	47ms 46ms	Image image/png	2606:4700:3035::6815:4af7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dysterrauniverse.com/img/logo.png Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:4af7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 261281f3eb5e47285142b699c14dc216976a350599630561fb091f18a8f15fe6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dysterrauniverse.com/Login/Promocode/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1697 replit-cluster global alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1471886 last-modified Tue, 01 Feb 2022 04:30:33 GMT server cloudflare expect-ct max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbRY1PviO%2B9l26ypKDvBxpkcEyPineKgQWlzhL%2FA4%2FzjpjxjAlcPqaMq%2F5X%2F8B8%2FcKrIIEcWz%2Bv9%2BXXRplAm5FSj%2FjqGi%2Bq01i0orOr6kVBX1AZFDGhPnfu%2FmPNcEiYL0itKiWHi61DKdeP0MVvG1Y6XHQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 6d689b5f0db29186-FRA
GET H2	200	Discord.svg dysterrauniverse.com/img/social/	2 KB 1 KB	70ms 69ms	Image image/svg+xml	2606:4700:3035::6815:4af7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dysterrauniverse.com/img/social/Discord.svg Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:4af7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76f31a687403762f02958b1bf2f4f007878af56cb6cfed7527877f65fb0baeca Request headers Accept-Language de-DE,de;q=0.9 Referer https://dysterrauniverse.com/Login/Promocode/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1697 replit-cluster global alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 01 Feb 2022 04:30:33 GMT server cloudflare expect-ct max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mFvOtEqMUkgcZD7sOPS18MVQvRuqDcaHjdo0nSpNF3L0UhHjbg2gqjefC6w5r3m%2B3wLuGAJ5zIz31LYjT3tsPqCkqLFNIoROHbQoi%2FFAEe0ptQXt9DcXq%2BpQsPqtZN93%2BkKE6kMEth3kovFIRC2%2F1Tizw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=14400 cf-ray 6d689b5f0db39186-FRA
GET H2	200	Twitter.svg dysterrauniverse.com/img/social/	2 KB 1 KB	71ms 70ms	Image image/svg+xml	2606:4700:3035::6815:4af7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dysterrauniverse.com/img/social/Twitter.svg Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:4af7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e64da90b96ba6d6aeac95433a8a297825222131c35500a45aa70c684fd4a76ae Request headers Accept-Language de-DE,de;q=0.9 Referer https://dysterrauniverse.com/Login/Promocode/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1697 replit-cluster global alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 01 Feb 2022 04:30:33 GMT server cloudflare expect-ct max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKKbVBgcv16lm8wsmoNatdiltaQWT0ZzBTHIgssR2EbbrIWPTr1d8VcqA2WyOAadptZ%2F4UXJCzF%2FG0g5yETYEN56HvLgAoiEPihFMfUEpcnPOfwP58Nz7jrVXP1Jo1bt1pH1BmBxDDnp4LOWv%2FNc6qbvNg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=14400 cf-ray 6d689b5f0db49186-FRA
GET H2	200	YouTube.svg dysterrauniverse.com/img/social/	1 KB 1 KB	44ms 43ms	Image image/svg+xml	2606:4700:3035::6815:4af7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dysterrauniverse.com/img/social/YouTube.svg Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:4af7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce920d60cd9c6862141fc32a9da4020a87ba73b0750f53aa3f4d2196fbd32804 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dysterrauniverse.com/Login/Promocode/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1697 replit-cluster global alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 01 Feb 2022 04:30:33 GMT server cloudflare expect-ct max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cGuVxYUoQxDICMIMxNsWHGqzRY5JA4pUSdy%2B7pO6mE6EYzzMNTlaq42Y9qF6RZXeWDrsFqzF3QCbJIhHnp8GNpMOnSTCexCYjmUreY3IigRXzwxsyQUtpZR%2BeGxGLishHOwVG95Cwflyc%2FoskNOyPYS1w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=14400 cf-ray 6d689b5f0db69186-FRA
GET H2	200	email-decode.min.js Show response dysterrauniverse.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	46ms 44ms	Script application/javascript	2606:4700:3035::6815:4af7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dysterrauniverse.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:4af7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://dysterrauniverse.com/Login/Promocode/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 27 Jan 2022 10:01:18 GMT server cloudflare etag W/"61f26d6e-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzRstiK7gfndYbQSHLxcqv5RnSW4IfL1xcYKT4c%2BbXOPcq5jTRqFvomHyjXzO%2F8644hzf2cmkis46hbwbl0d%2BjGkPN%2BJ9nI%2Bzj83v%2FEVPK%2Fh18o%2BhculC62EtXEl0AmwFj%2B4dwWjIyFIg5ZEnjlb9p6t1g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6d689b5f0db19186-FRA vary Accept-Encoding expires Thu, 03 Feb 2022 04:58:50 GMT
GET H2	200	jquery-3.4.1.slim.min.js Show response code.jquery.com/	69 KB 24 KB	61ms 20ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.slim.min.js Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f Request headers Referer https://dysterrauniverse.com/ Origin https://dysterrauniverse.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-1157d" vary Accept-Encoding x-hw 1643691530.dop013.am5.t,1643691530.cds238.am5.hn,1643691530.cds246.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 24328
GET H2	200	popper.min.js Show response cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/	21 KB 8 KB	36ms 17ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dysterrauniverse.com/ Origin https://dysterrauniverse.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 587797 x-jsd-version 1.16.0 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19128-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"5309-YvI45zNIx3656GVCan0bfeI8uy0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 6d689b5f28649247-FRA
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/	59 KB 16 KB	33ms 19ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dysterrauniverse.com/ Origin https://dysterrauniverse.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 845 age 38727 cdn-cachedat 01/20/2022 08:58:54 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.02 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:09 GMT server cloudflare cdn-requestpullcode 200 etag W/"61f338f870fcd0ff46362ef109d28533" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 9a50de0b0acaac55097b69521200c582 cdn-requestcountrycode US cf-ray 6d689b5f1e17902e-FRA cdn-cache HIT cdn-status 200 cdn-requestpullsuccess True
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.2.1/	85 KB 30 KB	159ms 62ms	Script text/javascript	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dysterrauniverse.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 03:41:20 GMT content-encoding gzip x-content-type-options nosniff age 4650 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30306 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 01 Feb 2023 03:41:20 GMT
GET H3	200	backgroundx.jpg dysterrauniverse.com/img/	106 KB 107 KB	702ms 701ms	Image image/jpeg	2606:4700:3035::6815:4af7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dysterrauniverse.com/img/backgroundx.jpg Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:4af7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 458f47799cb30cc094c8fc5fd4af92a091b7a91bd8403a72f580266fe6e85fdd Request headers Accept-Language de-DE,de;q=0.9 Referer https://dysterrauniverse.com/Login/Promocode/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:51 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} replit-cluster global alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 108859 last-modified Tue, 01 Feb 2022 04:58:50 GMT server cloudflare expect-ct max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ll%2BPqwSJvNVxsYm5%2FfYiimTV2FPvM2GHmYKa8RcF3t%2F14mAHHzKUdpQEFLJbc5W%2Fbh3kcJ1i8TYk2%2FPpZYdXOWihIy8kQRvL7tdlnXNkjSYM9y07nFEZSecZD%2FieNvsD3JDg6%2BtNxqgNjWqVJhCM7B%2B81w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 6d689b609ddb9128-FRA
GET H2	200	LDI2apCSOBg7S-QT7pa8FvOreec.woff2 fonts.gstatic.com/s/rajdhani/v14/	15 KB 16 KB	124ms 37ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rajdhani/v14/LDI2apCSOBg7S-QT7pa8FvOreec.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Rajdhani:wght@300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://dysterrauniverse.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 20:02:10 GMT x-content-type-options nosniff age 464200 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:00:53 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 26 Jan 2023 20:02:10 GMT
GET H2	200	LDIxapCSOBg7S-QT7p4HM-Y.woff2 fonts.gstatic.com/s/rajdhani/v14/	15 KB 15 KB	136ms 49ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rajdhani/v14/LDIxapCSOBg7S-QT7p4HM-Y.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Rajdhani:wght@300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 759a9000e47b028799d7a4ca602634a7ac7adf415775df070a335d18d9b66f38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://dysterrauniverse.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 19:33:19 GMT x-content-type-options nosniff age 465931 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14976 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:02:52 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 26 Jan 2023 19:33:19 GMT
GET H3	200	fa-solid-900.woff2 use.fontawesome.com/releases/v5.0.13/webfonts/	49 KB 50 KB	224ms 212ms	Font font/woff2	2606:4700:3037::6815:4e07 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-solid-900.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4 Request headers Referer https://use.fontawesome.com/releases/v5.0.13/css/all.css Origin https://dysterrauniverse.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id WJVB165TB3CQHQZY alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 50372 x-amz-id-2 r9bfwp4+jypxVjvMDhbzHugVDZZ/w+1+6R1GikBP1Y726Hr+9HBazmWog3jT9CE+fgabJRZh1j4= last-modified Wed, 30 Jun 2021 15:27:47 GMT server cloudflare etag "8a8c0474283e0d9ef41743e5e486bf05" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbLqK8IpY2rdFDEtxARN2SuDwINRBQ9dOYMe2NW67ov7JhCdhVl7rzhONnhDv4egOfiG2Ymyrm2UgEq5ePKn9a3EdUmg3WM3ibIn6CnHC7t1IIeAWsFJeObSAdnWaGvOYna%2FI2zYJbU%2B29xxIRS5riVd"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 6d689b60bf718ff5-FRA
GET H3	200	fa-brands-400.woff2 use.fontawesome.com/releases/v5.0.13/webfonts/	60 KB 61 KB	211ms 199ms	Font font/woff2	2606:4700:3037::6815:4e07 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-brands-400.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c Request headers Referer https://use.fontawesome.com/releases/v5.0.13/css/all.css Origin https://dysterrauniverse.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:50 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id WJV0KJPAHAGVJ4E8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 61336 x-amz-id-2 P/pXOZO2roNlqxOfd+DBGoq0SQKpghBA08Y/97ELMc5G5CvhCsLRwvrFt6QwEe5b3CRsrYe9mH8= last-modified Wed, 30 Jun 2021 15:27:47 GMT server cloudflare etag "3654744dc6d6c37c9b3582b57622df5e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkKq9mJLMVCmsHEWVNfwFgdNto9bkdL8tzUZAK4OQOjScRs5TbEpgkihFTpVph%2FUGG%2FIfn7JtbV3a7dOyWldFR3luYgZb01zxuAJHpAVa82g%2FafGUm9Mmu4%2F1uRwuDdAxVQIYo58G5tqo54hZAwvbrAv"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 6d689b60bf738ff5-FRA
GET H2	200	/ Show response json.geoiplookup.io/	619 B 1 KB	1413ms 1380ms	Script application/javascript	2606:4700:20::ac43:4444 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://json.geoiplookup.io/?callback=jQuery32106691680638833055_1643691530409&_=1643691530410 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4444 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / centminmod Resource Hash 379fe3283d363ea4ba0d38782b8ac01bacfe10e94395971cdf5154610657f70a Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://dysterrauniverse.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 04:58:51 GMT content-encoding br x-content-type-options nosniff, nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by centminmod x-ratelimit-remaining 500 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 01 Feb 2022 04:58:51 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1CVq6FOI6oE4TiXc%2BebhknRg6n%2FFXqMvMa1Z7aRbNVg80KuKSbb4kJi25MqsEDB2w7u2qDFSDwyIhNX%2F3IaYqdOdrk8gVzPC%2Bmp2FmPLiwE18%2FO4t1674xwpgtI%2BQeZwopsjjQA7dWwDPRLUXpaAEY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 x-ratelimit-limit 500 cf-ray 6d689b614d6690af-FRA
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	377ms 37ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-101121674-3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dysterrauniverse.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 5036 date Tue, 01 Feb 2022 03:34:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 01 Feb 2022 05:34:54 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	99ms 52ms	XHR text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=818247016&t=pageview&_s=1&dl=https%3A%2F%2Fdysterrauniverse.com%2FLogin%2FPromocode%2Findex.html&ul=en-us&de=UTF-8&dt=Dysterra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=513327069&gjid=1518972649&cid=1324284841.1643691531&tid=UA-101121674-3&_gid=1245042407.1643691531&_r=1&gtm=2ou1q0&z=738900618 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://dysterrauniverse.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 01 Feb 2022 04:58:50 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://dysterrauniverse.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	client-info Show response api.bigdatacloud.net/data/	570 B 511 B	38ms 13ms	XHR application/json	76.223.87.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.bigdatacloud.net/data/client-info Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.87.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a5c358b10ce834189.awsglobalaccelerator.com Software / Resource Hash 169cf363528e7d70ef235c76487a7db1b4cedeb6d5e1d47559a682f43852a637 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://dysterrauniverse.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers access-control-allow-origin * date Tue, 01 Feb 2022 04:58:51 GMT content-encoding gzip x-response-time-ms 4.27 vary Accept-Encoding content-type application/json; charset=utf-8
OPTIONS H2	200	qXbsvTgXREcJHIf2NVHgIYXey0EqsPHCzFVD86ah776wamksp79aqErJaIubSjIUwzjK discord.com/api/webhooks/937553980651868202/	0 0	166ms 149ms	Preflight text/html	162.159.128.233 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://discord.com/api/webhooks/937553980651868202/qXbsvTgXREcJHIf2NVHgIYXey0EqsPHCzFVD86ah776wamksp79aqErJaIubSjIUwzjK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://dysterrauniverse.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Sec-Fetch-Mode cors Response headers date Tue, 01 Feb 2022 04:58:52 GMT content-type text/html; charset=utf-8 allow OPTIONS, PATCH, HEAD, DELETE, POST, GET access-control-allow-origin https://dysterrauniverse.com access-control-allow-credentials true access-control-allow-methods POST, GET, PUT, PATCH, DELETE access-control-allow-headers Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Debug-Options, x-client-trace-id, If-None-Match, Range, X-RateLimit-Precision strict-transport-security max-age=31536000; includeSubDomains; preload x-envoy-upstream-service-time 6 via 1.1 google alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jF01SRZlEUM3OIW1mTVp9P4xVTkSBVnTCllPUkZFVXKJTc6T8AG9WIcckIO9vGpvyRYEsNIpV21jT76rSMRmwR3bqhElA%2BuqhMGP5Fm2mSB3M%2B9Qpazu7ienzxB9"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-content-type-options nosniff server cloudflare cf-ray 6d689b6a5ff990ac-FRA content-encoding br
POST H3	204	qXbsvTgXREcJHIf2NVHgIYXey0EqsPHCzFVD86ah776wamksp79aqErJaIubSjIUwzjK Show response discord.com/api/webhooks/937553980651868202/	0 1 KB	325ms 315ms	XHR text/html	162.159.128.233 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://discord.com/api/webhooks/937553980651868202/qXbsvTgXREcJHIf2NVHgIYXey0EqsPHCzFVD86ah776wamksp79aqErJaIubSjIUwzjK Requested by Host: dysterrauniverse.com URL: https://dysterrauniverse.com/Login/Promocode/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dysterrauniverse.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-type application/json Response headers date Tue, 01 Feb 2022 04:58:52 GMT via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-ratelimit-bucket 3cd1f278bd0ecaf11e0d2391374c011d x-ratelimit-reset-after 2 x-envoy-upstream-service-time 167 access-control-allow-methods POST, GET, PUT, PATCH, DELETE strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 access-control-allow-headers Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Debug-Options, x-client-trace-id, If-None-Match, Range, X-RateLimit-Precision server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-ratelimit-remaining 4 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sD1gxjKuRYupzil8XZwBxaGzmNYzNriPskJV9snEdGxxkKsHw1J%2BiosgcDJ68ELCIylZngz%2FeCzLima%2BfKx%2BhkARwMSel%2ByKMiEWY7TggpNcdOCyiB43c%2BKL5mXz"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin https://dysterrauniverse.com access-control-expose-headers Retry-After, X-RateLimit-Global, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-RateLimit-Reset-After, X-RateLimit-Bucket, X-RateLimit-Scope, Date access-control-allow-credentials true x-ratelimit-reset 1643691535 x-ratelimit-limit 5 cf-ray 6d689b6b5e44901e-FRA nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| $ function| jQuery function| Popper object| bootstrap string| webhook object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dysterrauniverse.com/	1970-01-20 18:06:03	Name: _ga Value: GA1.2.1324284841.1643691531
			.dysterrauniverse.com/	1970-01-20 00:36:17	Name: _gid Value: GA1.2.1245042407.1643691531
			.dysterrauniverse.com/	1970-01-20 00:34:51	Name: _gat_gtag_UA_101121674_3 Value: 1
			.geoiplookup.io/	1970-01-20 00:34:53	Name: __cf_bm Value: D1fCmirioB0U4I4X8BNOm6raFHl9V97gOoKF.bEtKX8-1643691531-0-AWdSpSjm2kX+mcavAsNzJn4gX0gciikiDnlBvqLZ2+V1wGlC+xgsu+L4WkLJprFmmHar1zrHMux1Xf044wEvlL4=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.bigdatacloud.net
cdn.jsdelivr.net
code.jquery.com
discord.com
dysterrauniverse.com
fonts.googleapis.com
fonts.gstatic.com
json.geoiplookup.io
stackpath.bootstrapcdn.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
162.159.128.233
2001:4de0:ac18::1:a:1b
2606:4700:20::ac43:4444
2606:4700:3035::6815:4af7
2606:4700:3037::6815:4e07
2606:4700::6810:5714
2606:4700::6812:bcf
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
76.223.87.32
169cf363528e7d70ef235c76487a7db1b4cedeb6d5e1d47559a682f43852a637
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
261281f3eb5e47285142b699c14dc216976a350599630561fb091f18a8f15fe6
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
379fe3283d363ea4ba0d38782b8ac01bacfe10e94395971cdf5154610657f70a
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
458f47799cb30cc094c8fc5fd4af92a091b7a91bd8403a72f580266fe6e85fdd
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f
666d40c07bac862eff579b42da62fcef82b1f394e0c5769749d1f18fba258042
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
759a9000e47b028799d7a4ca602634a7ac7adf415775df070a335d18d9b66f38
76f31a687403762f02958b1bf2f4f007878af56cb6cfed7527877f65fb0baeca
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8a6a261e8baf9a89164dc2fbc4a1b18d603629a3471482e0cbd0d200398b05f3
9d8ecee831ad7efa04acc41664dbe3c2e1604d8fd4f7283b8f7163444d5a63ee
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
ce920d60cd9c6862141fc32a9da4020a87ba73b0750f53aa3f4d2196fbd32804
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bb03df0421f1cd7b16a819f5a15b1109ce1f1dc2332ae21372e1bcb2e27aa9
e64da90b96ba6d6aeac95433a8a297825222131c35500a45aa70c684fd4a76ae