stage.server.xpresso.games Open in urlscan Pro
159.69.185.213  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response stage.server.xpresso.games/	5 KB 5 KB	330ms 70ms	Document text/html	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash 741af729143799e45bea142a07f09d3738c76255d75b8154ec3b71e0330e722f Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 4685 content-type text/html date Tue, 13 Aug 2024 18:41:30 GMT etag "6316d8fa-124d" last-modified Tue, 06 Sep 2022 05:22:02 GMT strict-transport-security max-age=15724800; includeSubDomains
GET H2	200	css fonts.googleapis.com/	19 KB 2 KB	814ms 80ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CIstok+Web:400,700 Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 397f4c8a47aa0d3e60ec42f93577344a9abf74f531071bcb4cb843512a384891 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 13 Aug 2024 18:41:31 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 13 Aug 2024 18:41:31 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 13 Aug 2024 18:41:31 GMT
GET H2	200	modernizr-custom.js Show response stage.server.xpresso.games/	3 KB 4 KB	235ms 228ms	Script application/javascript	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stage.server.xpresso.games/modernizr-custom.js Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash e2ff93fd4a7924f44d4eccb588aa91b712de3dd18dd2266f1d0645731b6e7ec1 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:30 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:20:10 GMT accept-ranges bytes etag "6316d88a-da4" content-length 3492 content-type application/javascript
GET H2	200	js Show response www.googletagmanager.com/gtag/	128 KB 49 KB	276ms 99ms	Script application/javascript	2a00:1450:4001:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 58905b8f1a36b94c034f173cb8f7d80d1c7928287e21d0c72f5640bee96cada1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:31 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49845 x-xss-protection 0 last-modified Tue, 13 Aug 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 13 Aug 2024 18:41:31 GMT
GET H2	200	2.ab68c8a5.chunk.css stage.server.xpresso.games/static/css/	15 KB 15 KB	107ms 101ms	Stylesheet text/css	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stage.server.xpresso.games/static/css/2.ab68c8a5.chunk.css Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash 4bae8c6d4db88a430451e18da9ce67c7d84d1800806416987c6890c15fac6bb6 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:30 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:22:02 GMT accept-ranges bytes etag "6316d8fa-3c48" content-length 15432 content-type text/css
GET H2	200	main.af93176f.chunk.css stage.server.xpresso.games/static/css/	524 KB 525 KB	108ms 102ms	Stylesheet text/css	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stage.server.xpresso.games/static/css/main.af93176f.chunk.css Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash 1b8b1b8e95e8ebcb32acd20122bb4ad338fde33f9a5e3d31fdd17cbc5557c63e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:30 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:22:02 GMT accept-ranges bytes etag "6316d8fa-82f28" content-length 536360 content-type text/css
GET H2	200	2.1f882044.chunk.js Show response stage.server.xpresso.games/static/js/	2 MB 2 MB	259ms 253ms	Script application/javascript	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stage.server.xpresso.games/static/js/2.1f882044.chunk.js Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash 940a998376e9eb84e8461720808b9814fd97a0845a0cf179bf55b48bd954ff2b Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:30 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:22:02 GMT accept-ranges bytes etag "6316d8fa-2235c9" content-length 2241993 content-type application/javascript
GET H2	200	main.0b060faa.chunk.js Show response stage.server.xpresso.games/static/js/	2 MB 2 MB	109ms 103ms	Script application/javascript	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stage.server.xpresso.games/static/js/main.0b060faa.chunk.js Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash 4c31f86e2e89f8508e661d7a376b29c4972da1fa29be71dc62dc49208ca3cadd Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:30 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:22:02 GMT accept-ranges bytes etag "6316d8fa-1823c8" content-length 1582024 content-type application/javascript
GET H2	200	nh51h9vq8wnqyk9b4ksn.js Show response widget.ybug.io/button/	23 KB 8 KB	865ms 394ms	Script text/javascript	2400:52e0:1a00::1206:2 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://widget.ybug.io/button/nh51h9vq8wnqyk9b4ksn.js Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-IL1-1206 / Resource Hash 41f65c6964962a60854c89e2df2c0924a7b0a145c1249e29a22450530bddee8e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cdn-edgestorageid 894 perma-cache HIT cdn-storageserver NY-353 cdn-cachedat 08/13/2024 18:41:32 cdn-pullzone 87350 last-modified Thu, 16 May 2024 09:53:24 GMT server BunnyCDN-IL1-1206 cdn-fileserver 790 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"6645d794-5b4b" vary Accept-Encoding, Accept-Encoding content-type text/javascript; charset=utf-8 cdn-cache MISS cdn-uid ef986237-8e0e-47de-89d7-9611cbc394e5 cache-control max-age=360, public cdn-requestid f7944765506a4545430b8a7dbed76faa cdn-requestcountrycode ES cdn-status 200 cdn-requestpullsuccess True
GET H2	200	js Show response www.googletagmanager.com/gtag/	279 KB 97 KB	83ms 82ms	Script application/javascript	2a00:1450:4001:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-HV5Z7BX29J&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a5f9197639828dca0f6a67987ffe8453a5f60728a371f1275a7d493cb3ef644c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:34 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 98873 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 13 Aug 2024 18:41:34 GMT
GET H2	200	xpresso.jpg stage.server.xpresso.games/images/	74 KB 75 KB	70ms 70ms	Image image/jpeg	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stage.server.xpresso.games/images/xpresso.jpg Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash 78c7782f1b056e56e31efd9a63efa1e5e76649da6ecc0c4547962d5490c94f41 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:34 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:20:10 GMT accept-ranges bytes etag "6316d88a-12883" content-length 75907 content-type image/jpeg
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 fonts.gstatic.com/s/opensans/v40/	26 KB 26 KB	891ms 207ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CIstok+Web:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://stage.server.xpresso.games User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 14:35:28 GMT x-content-type-options nosniff age 14767 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26736 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:00:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Aug 2025 14:35:28 GMT
GET H2	200	icomoon.720c0bda.ttf stage.server.xpresso.games/static/media/	35 KB 36 KB	274ms 273ms	Font application/octet-stream	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stage.server.xpresso.games/static/media/icomoon.720c0bda.ttf Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/static/css/main.af93176f.chunk.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash 069ddeca700aafafe250362b698892a53c08ce631559ee61d8e9e3f07078b4e1 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/static/css/main.af93176f.chunk.css Origin https://stage.server.xpresso.games User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:34 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:22:02 GMT accept-ranges bytes etag "6316d8fa-8d98" content-length 36248 content-type application/octet-stream
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 47 KB	846ms 162ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CIstok+Web:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://stage.server.xpresso.games User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 12:26:16 GMT x-content-type-options nosniff age 22519 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Aug 2025 12:26:16 GMT
GET H2	200	3qTqojGmgSyUukBzKslhvU5q-WMV.woff2 fonts.gstatic.com/s/istokweb/v24/	24 KB 25 KB	744ms 76ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/istokweb/v24/3qTqojGmgSyUukBzKslhvU5q-WMV.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CIstok+Web:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0264d158d070e0db0306374405ea5c4ef050b1e942859a84838b9d0e02a4d29b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://stage.server.xpresso.games User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 14:35:37 GMT x-content-type-options nosniff age 14758 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24812 x-xss-protection 0 last-modified Thu, 24 Aug 2023 21:12:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Aug 2025 14:35:37 GMT
GET H2	200	3qTqojGmgSyUukBzKslhvU5q_WMVUBc.woff2 fonts.gstatic.com/s/istokweb/v24/	15 KB 15 KB	829ms 162ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/istokweb/v24/3qTqojGmgSyUukBzKslhvU5q_WMVUBc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CIstok+Web:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7f4f5f5fede70f8f378e6ef9f85b6918e74dc60d8133650af94490e95b39925a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://stage.server.xpresso.games User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 22:26:28 GMT x-content-type-options nosniff age 72907 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15184 x-xss-protection 0 last-modified Thu, 24 Aug 2023 21:12:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 12 Aug 2025 22:26:28 GMT
GET H2	200	landing-1.png stage.server.xpresso.games/images/	286 KB 287 KB	78ms 76ms	Image image/png	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stage.server.xpresso.games/images/landing-1.png Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash 1c36abf552973c11b18abd0492790f78128a0a3b7be30937060f16a9160adca9 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:34 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:20:10 GMT accept-ranges bytes etag "6316d88a-477e8" content-length 292840 content-type image/png
GET H2	200	landing-2.png stage.server.xpresso.games/images/	297 KB 298 KB	79ms 78ms	Image image/png	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stage.server.xpresso.games/images/landing-2.png Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash db0e28bc33126877fe8007385b323adeb788126ad3266263bdbfed4cf8e6fa8f Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:34 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:20:10 GMT accept-ranges bytes etag "6316d88a-4a3cf" content-length 304079 content-type image/png
GET H2	200	landing-3.png stage.server.xpresso.games/images/	265 KB 266 KB	312ms 311ms	Image image/png	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stage.server.xpresso.games/images/landing-3.png Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash ba8173ec5e88dd293ea6aaa3ee47a0e8ec37f4589e85cdb1985fa7f024b1685e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:34 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:20:10 GMT accept-ranges bytes etag "6316d88a-42343" content-length 271171 content-type image/png
GET H2	200	landing-4.png stage.server.xpresso.games/images/	357 KB 359 KB	80ms 79ms	Image image/png	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stage.server.xpresso.games/images/landing-4.png Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash abe0c997617fba7fd375aff963030276a7f960996e95d04deb7780c48c5785f1 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:34 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:20:10 GMT accept-ranges bytes etag "6316d88a-59536" content-length 365878 content-type image/png
GET H2	200	logo.svg stage.server.xpresso.games/images/	7 KB 8 KB	484ms 482ms	Image image/svg+xml	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stage.server.xpresso.games/images/logo.svg Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash cbd3757b94f9bc4964bb62a812ae233b421d5d86b6e9f11b6ffc5fd93c90c4ae Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:34 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:20:10 GMT accept-ranges bytes etag "6316d88a-1d82" content-length 7554 content-type image/svg+xml
GET H2	200	britain.png stage.server.xpresso.games/images/flags/	1 KB 1 KB	460ms 459ms	Image image/png	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stage.server.xpresso.games/images/flags/britain.png Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash e97f9455cb9af4dded74dcb01e5e266d88cdd9e0936862a299a28a93ba675d81 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:34 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:20:10 GMT accept-ranges bytes etag "6316d88a-4fb" content-length 1275 content-type image/png
GET H2	206	xpresso-h264.m4v stage.server.xpresso.games/videos/	4 MB 0	765ms 762ms	Media video/x-m4v	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stage.server.xpresso.games/videos/xpresso-h264.m4v Requested by Host: stage.server.xpresso.games URL: https://stage.server.xpresso.games/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-5612397/5612398 date Tue, 13 Aug 2024 18:41:34 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:20:10 GMT etag "6316d88a-55a36e" Content-Length 5612398 content-type video/x-m4v
POST H2	204	collect region1.google-analytics.com/g/	0 0	214ms 63ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-HV5Z7BX29J&gtm=45je4880v888786286za200&_p=1723574491540&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1787301218.1723574495&ul=es-es&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723574495&sct=1&seg=0&dl=https%3A%2F%2Fstage.server.xpresso.games%2F&dt=Espresso&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5146 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-HV5Z7BX29J&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 13 Aug 2024 18:41:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://stage.server.xpresso.games cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	a www.googletagmanager.com/	0 11 B	69ms 69ms	Image text/html	142.250.185.136 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?v=3&t=l&pid=1390834869&rv=4880&u=AAAAAAAAAAAAACCAAAEAAABA&h=Ag&gtm=45je4880v888786286za200&ccid=88786286&cid=G-HV5Z7BX29J&l=L1426.S158.B139.E814.I4433.EC6.TC10.HTC0~gtm.init.S0.V0.E442.TS5ccdemoutboundclick.TI3.TE30.TS5ccdemdownload.TI5.TE0.TS5ccdemvideo.TI6.TE8.TS5ccdemsitesearch.TI7.TE7.TS5ccdemscroll.TI8.TE3.TS5ccdempageview.TI9.TE0.TS5ccdconversionmarking.TI10.TE0.TS5setproductsettings.TI11.TE0.TS5ogtgooglesignals.TI12.TE3~gtm.js.S6.V5.E371.TS5gct.TI1.TE0~*~gtm.dom.S0.V0.E325~gtm.load.S0.V0.E0~gtm.init_consent.S16.V3.E341~GA3726 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.136 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f8.1e100.net Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:35 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	favicon.ico stage.server.xpresso.games/	15 KB 15 KB	1121ms 1120ms	Other image/x-icon	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stage.server.xpresso.games/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash 6bfa05a4fa11fb0886a6b63f22ecfe038b2ffb67cb32b1d6fc8e02f75ee849b3 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://stage.server.xpresso.games/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 18:41:35 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Tue, 06 Sep 2022 05:20:10 GMT accept-ranges bytes etag "6316d88a-3c2e" content-length 15406 content-type image/x-icon
GET H2	206	xpresso-h264.m4v stage.server.xpresso.games/videos/	832 KB 0	0ms 0ms	Media video/x-m4v	159.69.185.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stage.server.xpresso.games/videos/xpresso-h264.m4v Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.185.213 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.185.69.159.clients.your-server.de Software / Resource Hash Request headers Referer https://stage.server.xpresso.games/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Range bytes=4074046- Response headers Content-Range bytes 4074046-5612397/5612398 date Tue, 13 Aug 2024 18:41:34 GMT last-modified Tue, 06 Sep 2022 05:20:10 GMT etag "6316d88a-55a36e" Content-Length 1538352 content-type video/x-m4v

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| Modernizr function| gtag object| dataLayer object| ybug_settings boolean| isBrowserModern object| webpackJsonpespresso-web object| google_tag_manager object| google_tag_data object| Ybug object| regeneratorRuntime function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb function| setImmediate function| clearImmediate object| __APOLLO_CLIENT__ function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xpresso.games/	1970-01-21 08:22:14	Name: _ga_HV5Z7BX29J Value: GS1.1.1723574495.1.0.1723574495.0.0.0
			.xpresso.games/	1970-01-21 08:22:14	Name: _ga Value: GA1.1.1787301218.1723574495

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
stage.server.xpresso.games
widget.ybug.io
www.googletagmanager.com
142.250.185.136
159.69.185.213
2001:4860:4802:34::36
2400:52e0:1a00::1206:2
2a00:1450:4001:800::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:82f::200a
0264d158d070e0db0306374405ea5c4ef050b1e942859a84838b9d0e02a4d29b
069ddeca700aafafe250362b698892a53c08ce631559ee61d8e9e3f07078b4e1
1b8b1b8e95e8ebcb32acd20122bb4ad338fde33f9a5e3d31fdd17cbc5557c63e
1c36abf552973c11b18abd0492790f78128a0a3b7be30937060f16a9160adca9
397f4c8a47aa0d3e60ec42f93577344a9abf74f531071bcb4cb843512a384891
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41f65c6964962a60854c89e2df2c0924a7b0a145c1249e29a22450530bddee8e
4bae8c6d4db88a430451e18da9ce67c7d84d1800806416987c6890c15fac6bb6
4c31f86e2e89f8508e661d7a376b29c4972da1fa29be71dc62dc49208ca3cadd
58905b8f1a36b94c034f173cb8f7d80d1c7928287e21d0c72f5640bee96cada1
6bfa05a4fa11fb0886a6b63f22ecfe038b2ffb67cb32b1d6fc8e02f75ee849b3
741af729143799e45bea142a07f09d3738c76255d75b8154ec3b71e0330e722f
78c7782f1b056e56e31efd9a63efa1e5e76649da6ecc0c4547962d5490c94f41
7f4f5f5fede70f8f378e6ef9f85b6918e74dc60d8133650af94490e95b39925a
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
940a998376e9eb84e8461720808b9814fd97a0845a0cf179bf55b48bd954ff2b
a5f9197639828dca0f6a67987ffe8453a5f60728a371f1275a7d493cb3ef644c
abe0c997617fba7fd375aff963030276a7f960996e95d04deb7780c48c5785f1
ba8173ec5e88dd293ea6aaa3ee47a0e8ec37f4589e85cdb1985fa7f024b1685e
cbd3757b94f9bc4964bb62a812ae233b421d5d86b6e9f11b6ffc5fd93c90c4ae
db0e28bc33126877fe8007385b323adeb788126ad3266263bdbfed4cf8e6fa8f
e2ff93fd4a7924f44d4eccb588aa91b712de3dd18dd2266f1d0645731b6e7ec1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e97f9455cb9af4dded74dcb01e5e266d88cdd9e0936862a299a28a93ba675d81