account.arena.net Open in urlscan Pro
3.122.79.2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Submission: On December 29 via manual (December 29th 2018, 10:15:31 am UTC) from US

Summary HTTP 96 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 32 domains to perform 96 HTTP transactions. The main IP is 3.122.79.2, located in Fairfield, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is account.arena.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 8th 2017. Valid for: 3 years.

This is the only time account.arena.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	3.122.79.2 3.122.79.2	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	54.230.95.7 54.230.95.7	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	54.230.95.84 54.230.95.84	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	54.230.95.238 54.230.95.238	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	3.122.17.232 3.122.17.232	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 4	23.38.59.137 23.38.59.137	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	54.72.199.154 54.72.199.154	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	198.24.170.27 198.24.170.27	19437 (SS-ASH) (SS-ASH - SECURED SERVERS LLC)
1	198.24.162.123 198.24.162.123	19437 (SS-ASH) (SS-ASH - SECURED SERVERS LLC)
1	163.172.109.112 163.172.109.112	12876 (AS12876) (AS12876)
9	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE - Google LLC)
2	82.199.68.73 82.199.68.73	15830 (TELECITY-LON) (TELECITY-LON)
4 6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	54.247.82.163 54.247.82.163	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5 7	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.235.165.206 54.235.165.206	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	213.133.127.56 213.133.127.56	24940 (HETZNER-AS) (HETZNER-AS)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 8	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3 3	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
3	104.244.46.176 104.244.46.176	13414 (TWITTER) (TWITTER - Twitter Inc.)
4 4	34.250.93.170 34.250.93.170	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	54.154.158.40 54.154.158.40	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.213.56.130 52.213.56.130	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
10	212.32.252.129 212.32.252.129	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	54.171.198.96 54.171.198.96	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	35.159.5.116 35.159.5.116	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE - Google LLC)
5	34.251.79.160 34.251.79.160	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	185.33.223.83 185.33.223.83	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 2	185.33.223.100 185.33.223.100	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
3	199.16.156.11 199.16.156.11	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	185.29.133.52 185.29.133.52	30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc)
3	199.16.156.200 199.16.156.200	13414 (TWITTER) (TWITTER - Twitter Inc.)
96	37

1 3.122.79.2 (Fairfield, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-79-2.eu-central-1.compute.amazonaws.com

account.arena.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.95.7 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-7.fra2.r.cloudfront.net

static.staticwars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.230.95.84 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-84.fra2.r.cloudfront.net

account.staticwars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.95.238 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-238.fra2.r.cloudfront.net

static.staticwars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.17.232 (Fairfield, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-17-232.eu-central-1.compute.amazonaws.com

www.guildwars2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.38.59.137 (Amsterdam, Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-59-137.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.40 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.199.154 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-199-154.eu-west-1.compute.amazonaws.com

guildwars2.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.24.170.27 (Tempe, United States) 1 redirects

ASN19437 (SS-ASH - SECURED SERVERS LLC, US)

ssl.gamereg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.24.162.123 (Tempe, United States)

ASN19437 (SS-ASH - SECURED SERVERS LLC, US)

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.109.112 (United Kingdom)

ASN12876 (AS12876, FR)
PTR: 163-172-109-112.rev.poneytelecom.eu

trk.wescale.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.22.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.199.68.73 (Netherlands)

ASN15830 (TELECITY-LON, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Ireland) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.247.82.163 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-82-163.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:819::2004 (Ireland) 5 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:816::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.165.206 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-235-165-206.compute-1.amazonaws.com

ads.blindferretmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.133.127.56 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.213-133-127-56.clients.your-server.de

static.mmotraffic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
shop.pistenbully.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.233.201 (European Union) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:234:59:254c:406:2366:268c (United States) 3 redirects

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.46.176 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.250.93.170 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-93-170.eu-west-1.compute.amazonaws.com

tracking.crobo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.154.158.40 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-158-40.eu-west-1.compute.amazonaws.com

go.apptrk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.56.130 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-56-130.eu-west-1.compute.amazonaws.com

go.apptrk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 212.32.252.129 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rexmox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.198.96 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-198-96.eu-west-1.compute.amazonaws.com

a2g-secure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.159.5.116 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-159-5-116.eu-central-1.compute.amazonaws.com

muntsbjct-nonernal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f98.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.251.79.160 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-251-79-160.eu-west-1.compute.amazonaws.com

go.playmmogames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.83 (European Union) 1 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.100 (European Union) 1 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.16.156.11 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.52 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)

mathid.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.16.156.200 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	rexmox.com rexmox.com	4 KB
10	doubleclick.net 5 redirects googleads.g.doubleclick.net pubads.g.doubleclick.net stats.g.doubleclick.net	5 KB
9	mathtag.com 1 redirects pixel.mathtag.com mathid.mathtag.com	29 KB
9	googleadservices.com www.googleadservices.com	49 KB
9	staticwars.com static.staticwars.com account.staticwars.com	144 KB
7	google.de www.google.de	763 B
7	google.com 5 redirects www.google.com	3 KB
6	twitter.com 3 redirects platform.twitter.com analytics.twitter.com	1 KB
6	serving-sys.com 1 redirects secure-ds.serving-sys.com bs.serving-sys.com	17 KB
5	playmmogames.com go.playmmogames.com	1 KB
4	adnxs.com 2 redirects ib.adnxs.com secure.adnxs.com	4 KB
4	apptrk.io go.apptrk.io
4	crobo.com 4 redirects tracking.crobo.com	1 KB
4	adroll.com s.adroll.com d.adroll.com	79 KB
4	google-analytics.com 1 redirects www.google-analytics.com	34 KB
3	t.co t.co	405 B
3	ads-twitter.com static.ads-twitter.com	6 KB
2	googletagmanager.com www.googletagmanager.com	65 KB
1	facebook.com www.facebook.com	144 B
1	muntsbjct-nonernal.com muntsbjct-nonernal.com	422 B
1	a2g-secure.com a2g-secure.com
1	facebook.net connect.facebook.net	3 KB
1	pistenbully.com shop.pistenbully.com
1	mmotraffic.com 1 redirects static.mmotraffic.com	664 B
1	blindferretmedia.com ads.blindferretmedia.com	502 B
1	wescale.it trk.wescale.it	75 B
1	cpmstar.com server.cpmstar.com	515 B
1	gamereg.net 1 redirects ssl.gamereg.net	614 B
1	go2cloud.org guildwars2.go2cloud.org
1	guildwars2.com www.guildwars2.com	396 B
1	arena.net account.arena.net	4 KB
0	popmog.com Failed track.popmog.com Failed
96	32

	Domain	Requested by
10	rexmox.com	secure-ds.serving-sys.com account.arena.net rexmox.com
9	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com secure-ds.serving-sys.com
8	pixel.mathtag.com	1 redirects account.arena.net pixel.mathtag.com
7	www.google.de	account.arena.net
7	www.google.com	5 redirects account.arena.net
6	googleads.g.doubleclick.net	4 redirects www.googleadservices.com
5	go.playmmogames.com	account.arena.net
5	account.staticwars.com	account.arena.net
4	go.apptrk.io	secure-ds.serving-sys.com
4	tracking.crobo.com	4 redirects
4	www.google-analytics.com	1 redirects www.googletagmanager.com account.arena.net
4	secure-ds.serving-sys.com	1 redirects www.googletagmanager.com account.arena.net
4	static.staticwars.com	account.arena.net
3	analytics.twitter.com	static.ads-twitter.com
3	t.co	account.arena.net
3	pubads.g.doubleclick.net	account.arena.net
3	static.ads-twitter.com	account.arena.net
3	platform.twitter.com	3 redirects
2	secure.adnxs.com	1 redirects account.arena.net
2	ib.adnxs.com	1 redirects account.arena.net
2	d.adroll.com	s.adroll.com account.arena.net
2	bs.serving-sys.com	www.googletagmanager.com secure-ds.serving-sys.com
2	s.adroll.com	www.googletagmanager.com s.adroll.com
2	www.googletagmanager.com	account.arena.net www.googletagmanager.com
1	mathid.mathtag.com	pixel.mathtag.com
1	stats.g.doubleclick.net	1 redirects
1	www.facebook.com	account.arena.net
1	muntsbjct-nonernal.com	account.arena.net
1	a2g-secure.com	secure-ds.serving-sys.com
1	connect.facebook.net	account.arena.net
1	shop.pistenbully.com	account.arena.net
1	static.mmotraffic.com	1 redirects
1	ads.blindferretmedia.com	account.arena.net
1	trk.wescale.it	account.arena.net
1	server.cpmstar.com	account.arena.net
1	ssl.gamereg.net	1 redirects
1	guildwars2.go2cloud.org	account.arena.net
1	www.guildwars2.com	static.staticwars.com
1	account.arena.net
0	track.popmog.com Failed	account.arena.net
96	40

This site contains links to these domains. Also see Links.

Domain
www.guildwars2.com
en-forum.guildwars2.com
support.guildwars2.com
wiki.guildwars2.com
www.arena.net
guildwars2.com
www.esrb.org

Subject Issuer	Validity	Valid
*.arena.net Go Daddy Secure Certificate Authority - G2	`2017-03-08` - `2020-03-24`	3 years	crt.sh
*.staticwars.com Go Daddy Secure Certificate Authority - G2	`2017-03-15` - `2020-04-22`	3 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.guildwars2.com Go Daddy Secure Certificate Authority - G2	`2017-03-15` - `2020-04-11`	3 years	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2018-02-01` - `2019-02-01`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-02-14` - `2019-02-14`	a year	crt.sh
*.go2cloud.org Go Daddy Secure Certificate Authority - G2	`2017-11-13` - `2020-12-04`	3 years	crt.sh
server.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2018-06-30` - `2020-08-29`	2 years	crt.sh
*.wescale.it COMODO RSA Domain Validation Secure Server CA	`2017-03-17` - `2020-03-16`	3 years	crt.sh
www.googleadservices.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2018-03-08` - `2020-03-08`	2 years	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
ads.blindferretmedia.com Let's Encrypt Authority X3	`2018-11-09` - `2019-02-07`	3 months	crt.sh
*.pistenbully.com Thawte TLS RSA CA G1	`2018-08-24` - `2019-10-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2018-02-13` - `2019-03-15`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-06-28` - `2019-07-03`	a year	crt.sh
go.apptrk.io Amazon	`2018-04-18` - `2019-05-18`	a year	crt.sh
*.rexmox.com AlphaSSL CA - SHA256 - G2	`2018-08-28` - `2019-10-11`	a year	crt.sh
*.a2g-secure.com AlphaSSL CA - SHA256 - G2	`2018-03-27` - `2019-03-28`	a year	crt.sh
muntsbjct-nonernal.com COMODO RSA Domain Validation Secure Server CA	`2018-08-20` - `2019-12-18`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2018-01-25` - `2019-01-25`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2018-10-31` - `2019-11-05`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2018-01-26` - `2020-04-16`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2018-10-31` - `2020-02-12`	a year	crt.sh

This page contains 37 frames:

Primary Page: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Frame ID: 0412218ACE6F2459A1B68B166DA6E49F
Requests: 33 HTTP requests in this frame

Frame: https://guildwars2.go2cloud.org/aff_l?offer_id=19&adv_sub=710D8B34-3E01-E911-81B6-95103C0D6492
Frame ID: BC063A8EBF4E4D93AB8A28901E8C84E1
Requests: 1 HTTP requests in this frame

Frame: https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=665453&ifrm=1&rnd=183102.3808252321
Frame ID: 3BA523258C91775AC1914849FBF1493E
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: D0AE6C541A1F20B5BCEB49E08A8724BB
Requests: 3 HTTP requests in this frame

Frame: https://ads.blindferretmedia.com/conversion/track.php?tracker_id=658
Frame ID: 0E0471A0904884E4D6C11FB6D670474B
Requests: 1 HTTP requests in this frame

Frame: https://shop.pistenbully.com/ciffart-min.js?v=2
Frame ID: 2B7269EEC60139B43AFF4166B57DD597
Requests: 1 HTTP requests in this frame

Frame: https://connect.facebook.net/en_US/fbds.js
Frame ID: DD505AEA83ADB950E338B3B87C51E7F6
Requests: 2 HTTP requests in this frame

Frame: https://pixel.mathtag.com/event/js?mt_id=826338&mt_adid=130512&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct
Frame ID: D0F389A000E27E76AF614D26FAA0EFE1
Requests: 6 HTTP requests in this frame

Frame: https://static.ads-twitter.com/oct.js
Frame ID: 85736A9AFD5B843D5D477300ED278E10
Requests: 3 HTTP requests in this frame

Frame: https://static.ads-twitter.com/oct.js
Frame ID: 2A29613F7F8D35E5535BC71302967045
Requests: 3 HTTP requests in this frame

Frame: https://static.ads-twitter.com/oct.js
Frame ID: 03B4D642ED102F1B9F784BA5375F3589
Requests: 3 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: F8D166F1B4BE0389DD501C28A2BC5A2E
Requests: 4 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 38E25B2FD8DB90778D5274C12DF92A58
Requests: 3 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 023B1E35969F033229D9B021CD44C082
Requests: 2 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: E61C8001274863A394AD9CB20C1CDD87
Requests: 3 HTTP requests in this frame

Frame: https://go.apptrk.io/aff_l?offer_id=14952
Frame ID: EE1DE7401B6734B791082A939D2151E4
Requests: 1 HTTP requests in this frame

Frame: https://go.apptrk.io/aff_l?offer_id=14954
Frame ID: 8A73F6C331A486044A5F08D34D608AB4
Requests: 1 HTTP requests in this frame

Frame: https://go.apptrk.io/aff_l?offer_id=14958
Frame ID: 762B2ADDD991AB290E35B96B1DE3D51C
Requests: 1 HTTP requests in this frame

Frame: https://go.apptrk.io/aff_l?offer_id=14956
Frame ID: 579B8625D69FF5A89969886A816C31C1
Requests: 1 HTTP requests in this frame

Frame: https://rexmox.com/track.js
Frame ID: 4F3695A13F37142DDA0F3832E91058EC
Requests: 2 HTTP requests in this frame

Frame: https://rexmox.com/track.js
Frame ID: 67C408636A2DF377ED6002BE347E0134
Requests: 2 HTTP requests in this frame

Frame: https://rexmox.com/track.js
Frame ID: 587D295081A089576089C3EEE3E5F91C
Requests: 2 HTTP requests in this frame

Frame: https://rexmox.com/track.js
Frame ID: 32353F86FC082B283199F31C7CD119F1
Requests: 2 HTTP requests in this frame

Frame: https://rexmox.com/track.js
Frame ID: F1DD7F300CFC57314C58021C35FC1DDE
Requests: 2 HTTP requests in this frame

Frame: https://a2g-secure.com/p.ashx?a=8310&e=426&t=TRANSACTION_ID
Frame ID: B34CC0D5D25D7F3E9F5D03761E91A842
Requests: 1 HTTP requests in this frame

Frame: https://muntsbjct-nonernal.com/conversion.gif
Frame ID: 29F915E09924A675DBCEECACB5AB0B9E
Requests: 1 HTTP requests in this frame

Frame: https://pubads.g.doubleclick.net/activity;xsp=4386440;ord=7042551088179.05
Frame ID: DE2B546030D53C5EAF54898303264E4C
Requests: 1 HTTP requests in this frame

Frame: https://pubads.g.doubleclick.net/activity;xsp=4386887;ord=1043665058543.537
Frame ID: CCF6C73A726AADA19A5136F76F762697
Requests: 1 HTTP requests in this frame

Frame: https://pubads.g.doubleclick.net/activity;xsp=4386884;ord=653014274290.542
Frame ID: 034796D6C8ACE2E357CA3970D40C4105
Requests: 1 HTTP requests in this frame

Frame: http://go.playmmogames.com/aff_l?offer_id=6268
Frame ID: 7EF4D679575D4FF26A1260035C4818A0
Requests: 1 HTTP requests in this frame

Frame: http://go.playmmogames.com/aff_l?offer_id=6340
Frame ID: 2E58764FA125456CABAE4E1739215A65
Requests: 1 HTTP requests in this frame

Frame: http://go.playmmogames.com/aff_l?offer_id=6342
Frame ID: 92CBAE45BE8C0715ECF772CE93E32753
Requests: 1 HTTP requests in this frame

Frame: http://go.playmmogames.com/aff_l?offer_id=6344
Frame ID: A3DCA45CF8BB0095E4D33D39ECFDB73E
Requests: 1 HTTP requests in this frame

Frame: http://go.playmmogames.com/aff_l?offer_id=6346
Frame ID: 2B379C596B19FCF766C3445AF810AAA5
Requests: 1 HTTP requests in this frame

Frame: http://ib.adnxs.com/bounce?%2Fpx%3Fid%3D743617%26seg%3D5928183%26t%3D2
Frame ID: 992F6678CF3F4F6BCB155783EDC7DE6B
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=b2d15c27-3aea-4800-b83a-218a2dfcdcde&no_iframe=1&mt_adid=130512
Frame ID: 8F2278951580E82C058E8150442204B0
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?realm=batch_supply&mt_adid=130512&mt_id=826338&mt_nobot=1
Frame ID: 7FAB3EB9F624131D1EE486206FB28643
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Pure CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+(?:([\d.])+\/)?pure(?:-min)?\.css/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i
env /^adroll_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Page Statistics

96
Requests

93 %
HTTPS

23 %
IPv6

32
Domains

40
Subdomains

37
IPs

6
Countries

444 kB
Transfer

1001 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.guildwars2.com/
Title: Guildwars2.com

Search URL Search Domain Scan URL

URL: https://en-forum.guildwars2.com/
Title: Forums

Search URL Search Domain Scan URL

URL: https://support.guildwars2.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://wiki.guildwars2.com/
Title: Wiki

Search URL Search Domain Scan URL

URL: http://www.arena.net/

Search URL Search Domain Scan URL

URL: https://guildwars2.com/en/legal/arenanet-privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://guildwars2.com/en/legal/
Title: Legal Documentation

Search URL Search Domain Scan URL

URL: http://www.esrb.org/

Search URL Search Domain Scan URL

URL: https://www.guildwars2.com/en/legal/arenanet-privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://ssl.gamereg.net/cgmc002g4PAg?gtmcb=319401900 HTTP 302
https://server.cpmstar.com/action.aspx?a=1670&gtmcb=319401900&gif=1&aguid=a2308969-34f1-4ef0-8ae2-7f1788071219

Request Chain 20

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/585 HTTP 302
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

Request Chain 27

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017431242/?random=537846644&cv=9&fst=*&num=1&label=t-AXCIOXvogBEMqJk-UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dconversion&gtm=2oabc0&sendb=1&frm=0&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&tiba=ArenaNet&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=JEknXOmDKYicgAeMyJmAAw&sscte=1&crd=CILQGw&gtd= HTTP 302
https://www.google.com/pagead/1p-conversion/1017431242/?random=537846644&cv=9&fst=*&num=1&label=t-AXCIOXvogBEMqJk-UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dconversion&gtm=2oabc0&sendb=1&frm=0&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&tiba=ArenaNet&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JEknXOmDKYicgAeMyJmAAw&random=3895098618&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1017431242/?random=537846644&cv=9&fst=*&num=1&label=t-AXCIOXvogBEMqJk-UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dconversion&gtm=2oabc0&sendb=1&frm=0&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&tiba=ArenaNet&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JEknXOmDKYicgAeMyJmAAw&random=3895098618&resp=GooglemKTybQhCsO&ipr=y

Request Chain 32

https://static.mmotraffic.com/ciffart-min.js?v=2 HTTP 301
https://shop.pistenbully.com/ciffart-min.js?v=2

Request Chain 34

https://pixel.mathtag.com/event/js?mt_id=826338&mt_adid=130512&v1=&v2=&v3=&s1=&s2=&s3= HTTP 302
https://pixel.mathtag.com/event/js?mt_id=826338&mt_adid=130512&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct

Request Chain 35

https://platform.twitter.com/oct.js HTTP 302
https://static.ads-twitter.com/oct.js

Request Chain 36

https://platform.twitter.com/oct.js HTTP 302
https://static.ads-twitter.com/oct.js

Request Chain 37

https://platform.twitter.com/oct.js HTTP 302
https://static.ads-twitter.com/oct.js

Request Chain 42

https://tracking.crobo.com/aff_l?offer_id=14952 HTTP 302
https://go.apptrk.io/aff_l?offer_id=14952

Request Chain 43

https://tracking.crobo.com/aff_l?offer_id=14954 HTTP 302
https://go.apptrk.io/aff_l?offer_id=14954

Request Chain 44

https://tracking.crobo.com/aff_l?offer_id=14958 HTTP 302
https://go.apptrk.io/aff_l?offer_id=14958

Request Chain 45

https://tracking.crobo.com/aff_l?offer_id=14956 HTTP 302
https://go.apptrk.io/aff_l?offer_id=14956

Request Chain 61

http://ib.adnxs.com/px?id=743617&seg=5928183&t=2 HTTP 302
http://ib.adnxs.com/bounce?%2Fpx%3Fid%3D743617%26seg%3D5928183%26t%3D2

Request Chain 63

https://secure.adnxs.com/px?id=636098&seg=4037142&t=2 HTTP 302
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D636098%26seg%3D4037142%26t%3D2

Request Chain 72

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1451631493&t=pageview&_s=1&dl=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_u=AACAAEAB~&jid=1858407684&gjid=590942775&cid=9413793.1546078501&tid=UA-31105670-11&_gid=893615440.1546078501&_r=1&z=1431072101 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-31105670-11&cid=9413793.1546078501&jid=1858407684&_gid=893615440.1546078501&gjid=590942775&_v=j72&z=1431072101 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31105670-11&cid=9413793.1546078501&jid=1858407684&_v=j72&z=1431072101 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31105670-11&cid=9413793.1546078501&jid=1858407684&_v=j72&z=1431072101&slf_rd=1&random=3158290815

Request Chain 79

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017431242/?random=111782961&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=JUknXJDSINf0gAfdnbGoCw&sscte=1&crd=CILQGw&gtd= HTTP 302
https://www.google.com/pagead/1p-conversion/1017431242/?random=111782961&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JUknXJDSINf0gAfdnbGoCw&random=4054243913&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1017431242/?random=111782961&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JUknXJDSINf0gAfdnbGoCw&random=4054243913&resp=GooglemKTybQhCsO&ipr=y

Request Chain 83

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017431242/?random=1917787969&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=JUknXJTeJMj3gAeB8I-4DQ&sscte=1&crd=CILQGw&gtd= HTTP 302
https://www.google.com/pagead/1p-conversion/1017431242/?random=1917787969&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JUknXJTeJMj3gAeB8I-4DQ&random=99779462&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1017431242/?random=1917787969&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JUknXJTeJMj3gAeB8I-4DQ&random=99779462&resp=GooglemKTybQhCsO&ipr=y

Request Chain 84

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017431242/?random=1975383086&cv=9&fst=*&num=1&label=Q7dECJ323V8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=JUknXOn-JcuB-gbywKK4Cw&sscte=1&crd=CILQGw&gtd= HTTP 302
https://www.google.com/pagead/1p-conversion/1017431242/?random=1975383086&cv=9&fst=*&num=1&label=Q7dECJ323V8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JUknXOn-JcuB-gbywKK4Cw&random=1151817809&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1017431242/?random=1975383086&cv=9&fst=*&num=1&label=Q7dECJ323V8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JUknXOn-JcuB-gbywKK4Cw&random=1151817809&resp=GooglemKTybQhCsO&ipr=y

96 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request verify Show response
account.arena.net/ 9 KB
4 KB 66ms
33ms Document
text/html 3.122.79.2
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.122.79.2 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-3-122-79-2.eu-central-1.compute.amazonaws.com

Software

Quaggans / ARR/2.5

Resource Hash

a936104a8a5bb59016dbf7505f57488e5cd88eeaeb1bd00ae7a7bff71251a8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: account.arena.net
:scheme: https
:path: /verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Sat, 29 Dec 2018 10:14:59 GMT
content-type: text/html; charset=utf-8
content-length: 3381
content-encoding: gzip
vary: Accept-Encoding
server: Quaggans
x-powered-by: ARR/2.5
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 grids-responsive.css
static.staticwars.com/combo/_/fonts/cronos/v1/cronos-light.css&/fonts/cronos/v1/cronos-regular.css&/fonts/cronos/v1/cronos-bold.css&/fonts/cronos/v1/cronos-italic.css&/fonts/cronos/v1/cronos-boldit... 52 KB
11 KB 300ms
9ms Stylesheet
text/css 54.230.95.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staticwars.com/combo/_/fonts/cronos/v1/cronos-light.css&/fonts/cronos/v1/cronos-regular.css&/fonts/cronos/v1/cronos-bold.css&/fonts/cronos/v1/cronos-italic.css&/fonts/cronos/v1/cronos-bolditalic.css&/fonts/eason/v1/eason-regular.css&/fonts/eason/v1/eason-italic.css&/fonts/eason/v1/eason-bold.css&/fonts/eason/v1/eason-displaycaps.css&/pure/0.6.0/pure.css&/pure/0.6.0/grids-responsive.css

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.95.7 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-95-7.fra2.r.cloudfront.net

Software

Quaggans / ARR/2.5

Resource Hash

a505a888739fef6277c2b08cbea4e10c124a5c31943a0b6bb0b249637dc40213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 20 Apr 2018 00:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21895765
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
x-powered-by: ARR/2.5
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 10658
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Oct 2017 16:40:50 GMT
server: Quaggans
x-frame-options: SAMEORIGIN
etag: "UfNSryLjFCv8EIBPCxG05eKtpFI="
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
x-amz-cf-id: YBFdh1_H6xZDDe8rX5mObJpQnxAr8b9dO1cvt9IUYKUR_1CQBrrJXA==

GET
H2 200 styles.95e63f67.css
account.staticwars.com/gen/ 33 KB
9 KB 103ms
36ms Stylesheet
text/css 54.230.95.84
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://account.staticwars.com/gen/styles.95e63f67.css

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.95.84 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-95-84.fra2.r.cloudfront.net

Software

Quaggans / ARR/2.5

Resource Hash

aa7c6cab13c83d2d3e5ed8f41556b8d0965f7a14b1af8825c424229763687a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 05 Dec 2018 22:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2028342
via: 1.1 e621b964f8c348548e0b42950cc55248.cloudfront.net (CloudFront)
x-powered-by: ARR/2.5
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8521
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Dec 2018 22:39:47 GMT
server: Quaggans
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: https://account.arena.net
cache-control: max-age=31536000,public,immutable
x-amz-cf-id: kgtmnC4iGLJSIE06ngq3jYyKqzUU5Om81b6HtQqq0ShVdmhgr6LCWA==

GET
H2 200 mithril.js Show response
static.staticwars.com/mithril/0.2.0/ 45 KB
14 KB 300ms
11ms Script
application/javascript 54.230.95.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staticwars.com/mithril/0.2.0/mithril.js

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.95.7 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-95-7.fra2.r.cloudfront.net

Software

Quaggans / ARR/2.5

Resource Hash

809f8909eca5e961b54027516b842d7fd827292bea1f1ad8255e14fc0b250885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 13081148
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
x-powered-by: ARR/2.5
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
content-length: 13880
x-xss-protection: 1; mode=block
last-modified: Sat, 27 Feb 2016 05:53:30 GMT
server: Quaggans
date: Thu, 17 Aug 2017 06:44:20 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
x-amz-cf-id: JybkhlmNLHm_XXn2ZfmRm2oEqCG7bnEDeFhlJT5ivuFZ2EOwhJoB8Q==

GET
H2 200 strings-en.82f0436b.js Show response
account.staticwars.com/gen/i18n/ 33 KB
11 KB 84ms
23ms Script
application/javascript 54.230.95.84
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://account.staticwars.com/gen/i18n/strings-en.82f0436b.js

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.95.84 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-95-84.fra2.r.cloudfront.net

Software

Quaggans / ARR/2.5

Resource Hash

3348402d756ddb8ac3bc49f660cfc25cd535309bbe3219b0d3ff39ae67ad1dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 05 Dec 2018 22:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2028338
via: 1.1 e621b964f8c348548e0b42950cc55248.cloudfront.net (CloudFront)
x-powered-by: ARR/2.5
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 10364
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Dec 2018 22:39:35 GMT
server: Quaggans
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://account.arena.net
cache-control: max-age=31536000,public,immutable
x-amz-cf-id: kbGrf1SrChI4sxVcPLSSMcxkHwL0y_3r2Vkih5z0NHky3TJ_3dQz0Q==

GET
H2 200 index.b2999bf3-svc.js Show response
account.staticwars.com/combo/_/gen/rollup.6a8f88ae.js&/services/2bumpers/gen/cookie-notification/ 109 KB
34 KB 88ms
27ms Script
application/javascript 54.230.95.84
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://account.staticwars.com/combo/_/gen/rollup.6a8f88ae.js&/services/2bumpers/gen/cookie-notification/index.b2999bf3-svc.js

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.95.84 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-95-84.fra2.r.cloudfront.net

Software

Quaggans / ARR/2.5

Resource Hash

894ccea8e9987ed2e66b8c4b320d37427f90b7e7df1c153e9254a57f5af97d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 05 Dec 2018 22:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2028338
via: 1.1 e621b964f8c348548e0b42950cc55248.cloudfront.net (CloudFront)
x-powered-by: ARR/2.5
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 33972
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Dec 2018 22:49:16 GMT
server: Quaggans
x-frame-options: SAMEORIGIN
etag: "k2cYeMjXjNuwvhV5woQi4BrOgS0="
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
x-amz-cf-id: Y5teCi0jxgvp_cT61vhgmTirD5sQZQQz_HLkOAdZDFcH7nsirHcqDw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 106 KB
34 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W3L9JC

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

14fb80a7bda764a3434eaacdb50025534e7364b214fbf6cd034d4c0a365a1b69

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:00 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 34541
x-xss-protection: 1; mode=block
expires: Sat, 29 Dec 2018 10:15:00 GMT

GET
H2 200 arenanet.a4f127d4.jpg
account.staticwars.com/preload/components/footer/img/ 3 KB
4 KB 12ms
8ms Image
image/jpeg 54.230.95.84
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.staticwars.com/preload/components/footer/img/arenanet.a4f127d4.jpg

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.95.84 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-95-84.fra2.r.cloudfront.net

Software

Quaggans / ARR/2.5

Resource Hash

516cd6e95d1d1b6289c5454faaee97391aacef30a293dfe554eb2361c2bf2554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.staticwars.com/gen/styles.95e63f67.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 05 Dec 2018 22:49:18 GMT
via: 1.1 e621b964f8c348548e0b42950cc55248.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2028342
x-powered-by: ARR/2.5
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3500
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Nov 2016 19:43:15 GMT
server: Quaggans
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: https://account.arena.net
cache-control: max-age=31536000,public,immutable
x-amz-cf-id: k8nTa3_bNymgODQj7CZ5igT2cnByJYwnMjrsVnCvnGB77p6iNs9vqQ==

GET
H2 200 esrb.3a364458.png
account.staticwars.com/preload/components/footer/img/ 2 KB
3 KB 12ms
9ms Image
image/png 54.230.95.84
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.staticwars.com/preload/components/footer/img/esrb.3a364458.png

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.95.84 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-95-84.fra2.r.cloudfront.net

Software

Quaggans / ARR/2.5

Resource Hash

440cd745f8aed3064c7cfd1a9154e1767cd7fee911f729f9cb4d69eb7b954434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.staticwars.com/gen/styles.95e63f67.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 05 Dec 2018 23:02:22 GMT
via: 1.1 e621b964f8c348548e0b42950cc55248.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2027558
x-powered-by: ARR/2.5
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2123
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Nov 2016 19:43:15 GMT
server: Quaggans
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://account.arena.net
cache-control: max-age=31536000,public,immutable
x-amz-cf-id: iEY76Rg_DbysPNsP5f1iyerAVFuguGBI9jetYTk_kZ_KbIatbkTtDg==

GET
H2 200 easonpro-displaycaps-webfont.woff
static.staticwars.com/fonts/eason/v1/ 26 KB
27 KB 1345ms
10ms Font
application/font-woff 54.230.95.238
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staticwars.com/fonts/eason/v1/easonpro-displaycaps-webfont.woff

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.95.238 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-95-238.fra2.r.cloudfront.net

Software

Quaggans / ARR/2.5

Resource Hash

7dbf298eb65ba89de3052ccb475c99643f19ab2a584bcbc6d584a9cc2744da3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://static.staticwars.com/combo/_/fonts/cronos/v1/cronos-light.css&/fonts/cronos/v1/cronos-regular.css&/fonts/cronos/v1/cronos-bold.css&/fonts/cronos/v1/cronos-italic.css&/fonts/cronos/v1/cronos-bolditalic.css&/fonts/eason/v1/eason-regular.css&/fonts/eason/v1/eason-italic.css&/fonts/eason/v1/eason-bold.css&/fonts/eason/v1/eason-displaycaps.css&/pure/0.6.0/pure.css&/pure/0.6.0/grids-responsive.css
Origin: https://account.arena.net

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 13082621
x-powered-by: ARR/2.5
x-cache: Hit from cloudfront
status: 200
content-length: 26736
x-xss-protection: 1; mode=block
last-modified: Sat, 27 Feb 2016 05:53:27 GMT
server: Quaggans
date: Tue, 12 Sep 2017 19:14:33 GMT
x-frame-options: SAMEORIGIN
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
x-amz-cf-id: DnGhBxNl3lUGdmG1FaYbpvvkFRquOgkQHGEgI7-9TeGgE05zUppOcA==

GET
H2 200 cronospro-regular-webfont.woff
static.staticwars.com/fonts/cronos/v1/ 32 KB
33 KB 1345ms
11ms Font
application/font-woff 54.230.95.238
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staticwars.com/fonts/cronos/v1/cronospro-regular-webfont.woff

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.95.238 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-95-238.fra2.r.cloudfront.net

Software

Quaggans / ARR/2.5

Resource Hash

8663bcdc3cbd483e4b58627f3675f878544fcf213947a732500214233ae200fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://static.staticwars.com/combo/_/fonts/cronos/v1/cronos-light.css&/fonts/cronos/v1/cronos-regular.css&/fonts/cronos/v1/cronos-bold.css&/fonts/cronos/v1/cronos-italic.css&/fonts/cronos/v1/cronos-bolditalic.css&/fonts/eason/v1/eason-regular.css&/fonts/eason/v1/eason-italic.css&/fonts/eason/v1/eason-bold.css&/fonts/eason/v1/eason-displaycaps.css&/pure/0.6.0/pure.css&/pure/0.6.0/grids-responsive.css
Origin: https://account.arena.net

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 13093707
x-powered-by: ARR/2.5
x-cache: Hit from cloudfront
status: 200
content-length: 33004
x-xss-protection: 1; mode=block
last-modified: Sat, 27 Feb 2016 05:53:27 GMT
server: Quaggans
date: Mon, 14 Aug 2017 18:59:14 GMT
x-frame-options: SAMEORIGIN
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
x-amz-cf-id: 2ToUrwDopbrceGt2SqJGjlm7Puvfov7JVG6Q_Ga5KUfJ3RQjkKjx4A==

GET
H2 200 sync Show response
www.guildwars2.com/tracking/cid/ 2 B
396 B 48ms
10ms XHR
application/json 3.122.17.232
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guildwars2.com/tracking/cid/sync?_t=1546078500438

Requested by

Host: static.staticwars.com
URL: https://static.staticwars.com/mithril/0.2.0/mithril.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.122.17.232 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-3-122-17-232.eu-central-1.compute.amazonaws.com

Software

Quaggans / ARR/2.5

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/*
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Origin: https://account.arena.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
server: Quaggans
status: 200
x-powered-by: ARR/2.5
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://account.arena.net
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 33
x-xss-protection: 1; mode=block

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 45 KB
13 KB 76ms
7ms Script
application/javascript 23.38.59.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3L9JC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.59.137 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-59-137.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash: c1e8b0da242c479efead460856546e711b39dd43df0b136dcfe53fec3091a3d9

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:00 GMT
content-encoding: gzip
etag: "9033a32bc896d41:0"
last-modified: Tue, 18 Dec 2018 11:52:37 GMT
server: Microsoft-IIS/8.5
access-control-allow-origin: *
x-powered-by: ARR/2.5, ASP.NET
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 13567

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3L9JC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:808::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 3639
date: Sat, 29 Dec 2018 09:14:21 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Sat, 29 Dec 2018 11:14:21 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 32 KB
11 KB 116ms
25ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3L9JC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ecf74f827a3f7ff4c8e718bfac1591c46ae9bb3c2f56782e56d783fe8e08089b

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: RaZzqa54RXmFMIG0X9U9HCRtxF2GOxGI
Content-Encoding: gzip
x-amz-request-id: 2421708ABC6E0618
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Sat, 29 Dec 2018 10:15:00 GMT
Connection: keep-alive
Content-Length: 10327
x-amz-id-2: VJUAMzoW4u1Wf+1si277xm6cP1zFgf8z2AlP4o1e2dAcj294BRdr/u74UFgvuD8f3oR8qdO8IBI=
Last-Modified: Wed, 19 Dec 2018 20:45:54 GMT
Server: AmazonS3
ETag: "26f3d6cad93fa863d92ab072d9fd9a75"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK aff_l
guildwars2.go2cloud.org/ Frame BC06 0
0 1669ms
534ms Document
text/plain 54.72.199.154
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://guildwars2.go2cloud.org/aff_l?offer_id=19&adv_sub=710D8B34-3E01-E911-81B6-95103C0D6492
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.199.154 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-199-154.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash

Request headers

Host: guildwars2.go2cloud.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Date: Sat, 29 Dec 2018 10:15:02 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx/1.13.12
Content-Length: 0
Connection: keep-alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
32 KB 36ms
29ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1017431242

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3L9JC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

c4d0e9217f2a10152e30b60085e3552effbb2f8401564e787a20dd5bdab3c516

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:00 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 32165
x-xss-protection: 1; mode=block
expires: Sat, 29 Dec 2018 10:15:00 GMT

GET
H/1.1

200
OK

action.aspx
server.cpmstar.com/
Redirect Chain

https://ssl.gamereg.net/cgmc002g4PAg?gtmcb=319401900
https://server.cpmstar.com/action.aspx?a=1670&gtmcb=319401900&gif=1&aguid=a2308969-34f1-4ef0-8ae2-7f1788071219

43 B
515 B

485ms
96ms

Image
image/gif

198.24.162.123
SECURED SERVERS LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.cpmstar.com/action.aspx?a=1670&gtmcb=319401900&gif=1&aguid=a2308969-34f1-4ef0-8ae2-7f1788071219
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.162.123 Tempe, United States, ASN19437 (SS-ASH - SECURED SERVERS LLC, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Dec 2018 10:15:08 GMT
Server: Microsoft-IIS/8.5
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Connection: close
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 29 Dec 2018 10:15:01 GMT
Server: Microsoft-IIS/8.5
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Location: //server.cpmstar.com/action.aspx?a=1670&gtmcb=319401900&gif=1&aguid=a2308969-34f1-4ef0-8ae2-7f1788071219
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 233
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 400
OK conv
trk.wescale.it/ 75 B
75 B 3175ms
29ms Image
text/html 163.172.109.112
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.wescale.it/conv?cpg_id=30745
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.109.112 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS: 163-172-109-112.rev.poneytelecom.eu
Software: nginx/1.12.2 /
Resource Hash: 0fe6f1b8fa310d707f732d8d942234bda124653775ac8c6f2d1c81853eb8a773

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 29 Dec 2018 10:15:03 GMT
Cache-Control: no-transform
Server: nginx/1.12.2
Content-Length: 75
Content-Type: text/html

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 14ms
13ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j72&aip=1&a=337005124&t=pageview&_s=1&dl=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&dp=%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&ul=en-us&de=UTF-8&dt=ArenaNet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=1149001950&gjid=743226104&cid=9413793.1546078501&tid=UA-15061322-1&_gid=893615440.1546078501&_r=1&gtm=2wgbc0W3L9JC&z=1399595251

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:808::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 18ms
17ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1017431242

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

9f7ec14b65196ecc6380422716725a5a5dcb4261f5988ef381905dd0f8fd031f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 8755
x-xss-protection: 1; mode=block
server: cafe
etag: 14625954634965495121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Dec 2018 10:15:00 GMT

GET
H2

302

OneTagDefaultConfig.json Show response
secure-ds.serving-sys.com/BurstingCachedScripts/
Redirect Chain

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/585
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

0
-1 B

143ms
112ms

XHR

23.38.59.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.59.137 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-59-137.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 302
date: Sat, 29 Dec 2018 10:15:00 GMT
server: AkamaiGHost
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
location: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

Redirect headers

status: 302
date: Sat, 29 Dec 2018 10:15:00 GMT
server: AkamaiGHost
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
location: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

GET
H/1.1 200 Cookie set ActivityServer.bs
bs.serving-sys.com/Serving/ Frame 3BA5 0
0 197ms
29ms Document
text/html 82.199.68.73
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=665453&ifrm=1&rnd=183102.3808252321
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3L9JC
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Host: bs.serving-sys.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Response headers

Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: ActivityInfo2=002N77tCR0_; expires=Fri, 29-Mar-2019 05:15:00 GMT; domain=.serving-sys.com; path=/ eyeblaster=; expires=Mon, 01-Jan-2000 00:00:00 GMT; domain=.serving-sys.com; path=/ u2=9e79f397-8a49-430b-bdcb-d8325bf414aa4nC080; expires=Fri, 29-Mar-2019 05:15:00 GMT; domain=.serving-sys.com; path=/
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Sat, 29 Dec 2018 10:15:00 GMT
Content-Length: 1760

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1017431242/ 2 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017431242/?random=1546078500652&cv=9&fst=1546078500652&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=2oabc0&sendb=1&frm=0&url=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&tiba=ArenaNet&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

177c5f1b1eec80e1241af3bdcf47ce9280d551a297a970449d0b0067302c2cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1048
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1017431242/ 2 KB
1 KB 22ms
22ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1017431242/?random=1546078500655&cv=9&fst=1546078500655&num=1&label=t-AXCIOXvogBEMqJk-UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dconversion&gtm=2oabc0&sendb=1&frm=0&url=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&tiba=ArenaNet&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e1168b618520212b93da49a2ad80137dd25bbed772580dd92af0a876d80c4573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1102
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK DCNZ5EPJOZHFDKQ5IJRKIL Show response
d.adroll.com/consent/check/ 40 B
200 B 1912ms
31ms Script
application/javascript 54.247.82.163
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/DCNZ5EPJOZHFDKQ5IJRKIL?_s=8d50948cfd0201ccfb189c86a58210f5
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.82.163 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-82-163.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 6f43e1e85c42d5e449308701054501d9867a7254c9a8734406afbc89b3dfe5b4

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:02 GMT
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 40
Content-Type: application/javascript

GET
H2 200 /
www.google.com/pagead/1p-user-list/1017431242/ 42 B
120 B 22ms
20ms Image
image/gif 2a00:1450:4001:819::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1017431242/?random=1546078500652&cv=9&fst=1546077600000&num=1&bg=ffffff&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=2oabc0&sendb=1&frm=0&url=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&tiba=ArenaNet&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=2409308955&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:00 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1017431242/ 42 B
109 B 23ms
22ms Image
image/gif 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1017431242/?random=1546078500652&cv=9&fst=1546077600000&num=1&bg=ffffff&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=2oabc0&sendb=1&frm=0&url=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&tiba=ArenaNet&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=2409308955&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:00 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1017431242/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017431242/?random=537846644&cv=9&fst=*&num=1&label=t-AXCIOXvogBEMqJk-UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1...
https://www.google.com/pagead/1p-conversion/1017431242/?random=537846644&cv=9&fst=*&num=1&label=t-AXCIOXvogBEMqJk-UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=120...
https://www.google.de/pagead/1p-conversion/1017431242/?random=537846644&cv=9&fst=*&num=1&label=t-AXCIOXvogBEMqJk-UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200...

42 B
109 B

39ms
39ms

Image
image/gif

2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1017431242/?random=537846644&cv=9&fst=*&num=1&label=t-AXCIOXvogBEMqJk-UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dconversion&gtm=2oabc0&sendb=1&frm=0&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&tiba=ArenaNet&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JEknXOmDKYicgAeMyJmAAw&random=3895098618&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:00 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/1017431242/?random=537846644&cv=9&fst=*&num=1&label=t-AXCIOXvogBEMqJk-UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dconversion&gtm=2oabc0&sendb=1&frm=0&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&tiba=ArenaNet&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JEknXOmDKYicgAeMyJmAAw&random=3895098618&resp=GooglemKTybQhCsO&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OneTagDefaultConfig.json Show response
secure-ds.serving-sys.com/BurstingCachedScripts/ 11 B
217 B 7ms
7ms XHR
application/json 23.38.59.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.59.137 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-59-137.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash: 9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Origin: https://account.arena.net

Response headers

date: Sat, 29 Dec 2018 10:15:00 GMT
last-modified: Tue, 19 Dec 2017 08:44:56 GMT
server: Microsoft-IIS/8.5
x-powered-by: ARR/2.5, ASP.NET
etag: "5a9573a5a578d31:0"
status: 200
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 17 KB
3 KB 157ms
28ms Script
text/html 82.199.68.73
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=585&dispType=js&sync=0&sessionid=3437411066097190593&pageurl=$$https%3A//account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8$$&activityValues=$$Session=6960163008161122581$$&ns=0&rnd=6476165492898118
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: eb551dc72beb23b1907ec4a6ff58db1c82821db8cafe627d8aece17b72b0a245

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Dec 2018 10:15:00 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 2684
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame D0AE 24 KB
9 KB 19ms
17ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

c635ded98a0b747002e2f0fcd000b64f5044338e48060a66b665d4e873a7e1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9196
x-xss-protection: 1; mode=block
server: cafe
etag: 9569188893343377890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Dec 2018 10:15:00 GMT

GET
H/1.1 200
OK track.php Show response
ads.blindferretmedia.com/conversion/ Frame 0E04 95 B
502 B 434ms
108ms Script
application/javascript 54.235.165.206
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.blindferretmedia.com/conversion/track.php?tracker_id=658
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.165.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-235-165-206.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cfab2a7034d9cdd2293b4c271abe06a5a1a62b6dffe0a2500ec04ec0661e0b27

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:14:59 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
cache-control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15

GET
H/1.1

404
Not Found

ciffart-min.js
shop.pistenbully.com/ Frame 2B72
Redirect Chain

https://static.mmotraffic.com/ciffart-min.js?v=2
https://shop.pistenbully.com/ciffart-min.js?v=2

0
0

1086ms
493ms

Script
text/html

213.133.127.56
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shop.pistenbully.com/ciffart-min.js?v=2
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.133.127.56 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213-133-127-56.clients.your-server.de
Software: /
Resource Hash

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sat, 29 Dec 2018 10:15:08 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://shop.pistenbully.com/ciffart-min.js?v=2
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache, private
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ Frame DD50 4 KB
3 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8bd0f06b46d9a88baf3dc7da62f3838e7b7f286baf300ec2aaad0dca55acebcd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +hW/KuJNq7NQe8bmSE1A3g==
status: 200
vary: Accept-Encoding
content-length: 2115
x-xss-protection: 0
x-fb-debug: K7UBHWpHwmxqiOcdfi2CwUnQnZWnvk+imhv4wzHR2atBiplm4qCUY56E6XZe+Y2i7SmrDkLm18NHKXFUekfo2g==
x-fb-content-md5: db6ae66fe5e8ba5f8b59c32717e3550f
date: Sat, 29 Dec 2018 10:15:01 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6745f960c25e996cc9086102bc658935"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
expires: Sat, 29 Dec 2018 10:24:03 GMT

GET
H/1.1

200
OK

js Show response
pixel.mathtag.com/event/ Frame D0F3
Redirect Chain

https://pixel.mathtag.com/event/js?mt_id=826338&mt_adid=130512&v1=&v2=&v3=&s1=&s2=&s3=
https://pixel.mathtag.com/event/js?mt_id=826338&mt_adid=130512&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct

2 KB
2 KB

106ms
33ms

Script
text/javascript

2.18.233.201
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=826338&mt_adid=130512&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x3 /
Resource Hash: 3ae9d921786e10f934d7529411254b8fa77861c8d8002e60321a3002254db6f4

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:01 GMT
Server: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x3
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1922
Expires: Sat, 29 Dec 2018 10:15:00 GMT

Redirect headers

Date: Sat, 29 Dec 2018 10:15:01 GMT
Server: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x20
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://pixel.mathtag.com/event/js?mt_id=826338&mt_adid=130512&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
Expires: Sat, 29 Dec 2018 10:15:00 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/ Frame 8573
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

5 KB
2 KB

21ms
20ms

Script
application/javascript

104.244.46.176
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.46.176 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:01 GMT
content-encoding: gzip
age: 36911
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-tw-lon2-cr1-24-TWLON2
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1546078501.312563,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

Redirect headers

Location: https://static.ads-twitter.com/oct.js
Date: Sat, 29 Dec 2018 10:15:01 GMT
Server: ECS (fcn/41A2)
Content-Length: 0
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"

GET
H2

200

oct.js Show response
static.ads-twitter.com/ Frame 2A29
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

5 KB
2 KB

22ms
22ms

Script
application/javascript

104.244.46.176
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.46.176 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:01 GMT
content-encoding: gzip
age: 36911
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-tw-lon2-cr1-24-TWLON2
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1546078501.312819,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

Redirect headers

Location: https://static.ads-twitter.com/oct.js
Date: Sat, 29 Dec 2018 10:15:01 GMT
Server: ECS (fcn/40D1)
Content-Length: 0
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"

GET
H2

200

oct.js Show response
static.ads-twitter.com/ Frame 03B4
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

5 KB
2 KB

22ms
22ms

Script
application/javascript

104.244.46.176
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.46.176 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:01 GMT
content-encoding: gzip
age: 36911
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-tw-lon2-cr1-24-TWLON2
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1546078501.313280,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

Redirect headers

Location: https://static.ads-twitter.com/oct.js
Date: Sat, 29 Dec 2018 10:15:01 GMT
Server: ECS (fcn/40FC)
Content-Length: 0
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame F8D1 24 KB
9 KB 18ms
18ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

c635ded98a0b747002e2f0fcd000b64f5044338e48060a66b665d4e873a7e1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9196
x-xss-protection: 1; mode=block
server: cafe
etag: 9569188893343377890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Dec 2018 10:15:01 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 38E2 24 KB
9 KB 18ms
17ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

c635ded98a0b747002e2f0fcd000b64f5044338e48060a66b665d4e873a7e1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9196
x-xss-protection: 1; mode=block
server: cafe
etag: 9569188893343377890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Dec 2018 10:15:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 023B 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:808::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 3640
date: Sat, 29 Dec 2018 09:14:21 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Sat, 29 Dec 2018 11:14:21 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame E61C 24 KB
9 KB 20ms
20ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

c635ded98a0b747002e2f0fcd000b64f5044338e48060a66b665d4e873a7e1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9196
x-xss-protection: 1; mode=block
server: cafe
etag: 9569188893343377890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Dec 2018 10:15:01 GMT

GET
H/1.1

200
OK

aff_l
go.apptrk.io/ Frame EE1D
Redirect Chain

https://tracking.crobo.com/aff_l?offer_id=14952
https://go.apptrk.io/aff_l?offer_id=14952

0
0

649ms
529ms

Document
text/plain

54.154.158.40
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://go.apptrk.io/aff_l?offer_id=14952
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.158.40 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-158-40.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash

Request headers

Host: go.apptrk.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Date: Sat, 29 Dec 2018 10:15:02 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx/1.13.12
Content-Length: 0
Connection: keep-alive

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 29 Dec 2018 10:15:01 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://go.apptrk.io/aff_l?offer_id=14952
Pragma: no-cache
Server: nginx/1.13.12
Content-Length: 225
Connection: keep-alive

GET
H/1.1

200
OK

aff_l
go.apptrk.io/ Frame 8A73
Redirect Chain

https://tracking.crobo.com/aff_l?offer_id=14954
https://go.apptrk.io/aff_l?offer_id=14954

0
0

1094ms
529ms

Document
text/plain

54.154.158.40
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://go.apptrk.io/aff_l?offer_id=14954
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.158.40 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-158-40.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash

Request headers

Host: go.apptrk.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Date: Sat, 29 Dec 2018 10:15:02 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx/1.13.12
Content-Length: 0
Connection: keep-alive

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 29 Dec 2018 10:15:01 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://go.apptrk.io/aff_l?offer_id=14954
Pragma: no-cache
Server: nginx/1.13.12
Content-Length: 225
Connection: keep-alive

GET
H/1.1

200
OK

aff_l
go.apptrk.io/ Frame 762B
Redirect Chain

https://tracking.crobo.com/aff_l?offer_id=14958
https://go.apptrk.io/aff_l?offer_id=14958

0
0

1586ms
528ms

Document
text/plain

54.154.158.40
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://go.apptrk.io/aff_l?offer_id=14958
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.158.40 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-158-40.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash

Request headers

Host: go.apptrk.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Date: Sat, 29 Dec 2018 10:15:03 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx/1.13.12
Content-Length: 0
Connection: keep-alive

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 29 Dec 2018 10:15:01 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://go.apptrk.io/aff_l?offer_id=14958
Pragma: no-cache
Server: nginx/1.13.12
Content-Length: 225
Connection: keep-alive

GET
H/1.1

200
OK

aff_l
go.apptrk.io/ Frame 579B
Redirect Chain

https://tracking.crobo.com/aff_l?offer_id=14956
https://go.apptrk.io/aff_l?offer_id=14956

0
0

1579ms
532ms

Document
text/plain

52.213.56.130
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://go.apptrk.io/aff_l?offer_id=14956
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.56.130 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-213-56-130.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash

Request headers

Host: go.apptrk.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Date: Sat, 29 Dec 2018 10:15:03 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx/1.13.12
Content-Length: 0
Connection: keep-alive

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 29 Dec 2018 10:15:01 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://go.apptrk.io/aff_l?offer_id=14956
Pragma: no-cache
Server: nginx/1.13.12
Content-Length: 225
Connection: keep-alive

GET
H/1.1 200
OK track.js Show response
rexmox.com/ Frame 4F36 990 B
611 B 127ms
18ms Script
application/javascript 212.32.252.129
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://rexmox.com/track.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.252.129 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4ab90769eaf3cb7bcb40b1401c60cebfcac58c8f15c6d6a12d232d408ddb7668

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:01 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK track.js Show response
rexmox.com/ Frame 67C4 990 B
611 B 139ms
19ms Script
application/javascript 212.32.252.129
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://rexmox.com/track.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.252.129 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4ab90769eaf3cb7bcb40b1401c60cebfcac58c8f15c6d6a12d232d408ddb7668

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:01 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK track.js Show response
rexmox.com/ Frame 587D 990 B
611 B 153ms
18ms Script
application/javascript 212.32.252.129
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://rexmox.com/track.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.252.129 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4ab90769eaf3cb7bcb40b1401c60cebfcac58c8f15c6d6a12d232d408ddb7668

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:01 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK track.js Show response
rexmox.com/ Frame 3235 990 B
611 B 171ms
29ms Script
application/javascript 212.32.252.129
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://rexmox.com/track.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.252.129 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4ab90769eaf3cb7bcb40b1401c60cebfcac58c8f15c6d6a12d232d408ddb7668

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:01 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK track.js Show response
rexmox.com/ Frame F1DD 990 B
611 B 182ms
18ms Script
application/javascript 212.32.252.129
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://rexmox.com/track.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.252.129 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4ab90769eaf3cb7bcb40b1401c60cebfcac58c8f15c6d6a12d232d408ddb7668

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:01 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 p.ashx
a2g-secure.com/ Frame B34C 0
0 2982ms
53ms Document
text/plain 54.171.198.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a2g-secure.com/p.ashx?a=8310&e=426&t=TRANSACTION_ID
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.171.198.96 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-171-198-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: a2g-secure.com
:scheme: https
:path: /p.ashx?a=8310&e=426&t=TRANSACTION_ID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Response headers

status: 200
cache-control: private
content-type: text/plain; charset=utf-8
date: Sat, 29 Dec 2018 10:15:03 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length: 2

GET
H/1.1 400
Bad Request conversion.gif
muntsbjct-nonernal.com/ Frame 29F9 0
422 B 68ms
11ms Image
text/html 35.159.5.116
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://muntsbjct-nonernal.com/conversion.gif?
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.159.5.116 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-159-5-116.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 activity;xsp=4386440;ord=7042551088179.05
pubads.g.doubleclick.net/ Frame DE2B 42 B
112 B 50ms
20ms Image
image/gif 172.217.22.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4386440;ord=7042551088179.05?

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:01 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activity;xsp=4386887;ord=1043665058543.537
pubads.g.doubleclick.net/ Frame CCF6 42 B
109 B 50ms
21ms Image
image/gif 172.217.22.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4386887;ord=1043665058543.537?

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:01 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activity;xsp=4386884;ord=653014274290.542
pubads.g.doubleclick.net/ Frame 0347 42 B
109 B 60ms
31ms Image
image/gif 172.217.22.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4386884;ord=653014274290.542?

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:01 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK aff_l
go.playmmogames.com/ Frame 7EF4 43 B
301 B 623ms
533ms Image
image/gif 34.251.79.160
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://go.playmmogames.com/aff_l?offer_id=6268
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Server: 34.251.79.160 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-251-79-160.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Dec 2018 10:15:01 GMT
Server: nginx/1.13.12
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK aff_l
go.playmmogames.com/ Frame 2E58 43 B
301 B 1159ms
530ms Image
image/gif 34.251.79.160
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://go.playmmogames.com/aff_l?offer_id=6340
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Server: 34.251.79.160 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-251-79-160.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Dec 2018 10:15:02 GMT
Server: nginx/1.13.12
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK aff_l
go.playmmogames.com/ Frame 92CB 43 B
301 B 1629ms
536ms Image
image/gif 34.251.79.160
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://go.playmmogames.com/aff_l?offer_id=6342
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Server: 34.251.79.160 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-251-79-160.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Dec 2018 10:15:02 GMT
Server: nginx/1.13.12
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK aff_l
go.playmmogames.com/ Frame A3DC 43 B
301 B 1696ms
537ms Image
image/gif 34.251.79.160
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://go.playmmogames.com/aff_l?offer_id=6344
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Server: 34.251.79.160 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-251-79-160.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Dec 2018 10:15:02 GMT
Server: nginx/1.13.12
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK aff_l
go.playmmogames.com/ Frame 2B37 43 B
301 B 2114ms
533ms Image
image/gif 34.251.79.160
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://go.playmmogames.com/aff_l?offer_id=6346
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Server: 34.251.79.160 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-251-79-160.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Dec 2018 10:15:03 GMT
Server: nginx/1.13.12
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 992F
Redirect Chain

http://ib.adnxs.com/px?id=743617&seg=5928183&t=2
http://ib.adnxs.com/bounce?%2Fpx%3Fid%3D743617%26seg%3D5928183%26t%3D2

43 B
990 B

15ms
12ms

Image
image/gif

185.33.223.83
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ib.adnxs.com/bounce?%2Fpx%3Fid%3D743617%26seg%3D5928183%26t%3D2

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

HTTP/1.1

Server

185.33.223.83 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Dec 2018 10:15:18 GMT
AN-X-Request-Uuid: 9b5705ff-97bd-4518-9896-284520e1a9c5
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.220.70.215; 185.220.70.215; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.79:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 29 Dec 2018 10:15:18 GMT
AN-X-Request-Uuid: 927a0bdc-765e-4ebf-91c4-f7932f4b7770
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: http://ib.adnxs.com/bounce?%2Fpx%3Fid%3D743617%26seg%3D5928183%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.220.70.215; 185.220.70.215; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.244:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET registration.html
track.popmog.com/ 0
0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=636098&seg=4037142&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D636098%26seg%3D4037142%26t%3D2

43 B
991 B

17ms
16ms

Image
image/gif

185.33.223.100
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D636098%26seg%3D4037142%26t%3D2

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Dec 2018 10:15:10 GMT
AN-X-Request-Uuid: 2fe413c0-64c3-4809-9cc5-5378863ec178
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.220.70.215; 185.220.70.215; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.103:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 29 Dec 2018 10:15:10 GMT
AN-X-Request-Uuid: 2a5d7647-9191-4d34-be08-d244cb3991af
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D636098%26seg%3D4037142%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.220.70.215; 185.220.70.215; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.81:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1017431242/ Frame D0AE 2 KB
1 KB 23ms
22ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1017431242/?random=1546078501280&cv=9&fst=1546078501280&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

1a49ab1b971e7fd1882556e493039883e00555fde97f06987513f2155ec8ea66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1065
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1017431242/ Frame F8D1 2 KB
1 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017431242/?random=1546078501325&cv=9&fst=1546078501325&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

48ed155c0fa68fd94a83db894deb58ad52f91548a19055df2cd4a94b53d73b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 999
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1017431242/ Frame 38E2 2 KB
1 KB 18ms
17ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1017431242/?random=1546078501341&cv=9&fst=1546078501341&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

c0e1dfee77d0af80abbd82f331ef7a33d0767aa15ce7b8d3b1c7c39114c7a14b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1066
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1017431242/ Frame E61C 2 KB
1 KB 23ms
23ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1017431242/?random=1546078501346&cv=9&fst=1546078501346&num=1&label=Q7dECJ323V8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

23e69d8a18b33043df5d011dd3ecb503bd1624328ea72a330229c6ed39f32176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1066
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK success.jpg
rexmox.com/ Frame 4F36 1 B
141 B 1165ms
89ms Image
image/jpeg 212.32.252.129
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rexmox.com/success.jpg?afstatus=1&afsecure=8739fcfb736cb07783b3ced525423340
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.252.129 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 1
Content-Type: image/jpeg

GET
H/1.1 200
OK success.jpg
rexmox.com/ Frame 67C4 1 B
141 B 1051ms
98ms Image
image/jpeg 212.32.252.129
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rexmox.com/success.jpg?afstatus=1&afsecure=8739fcfb736cb07783b3ced525423340
Requested by: Host: rexmox.com
URL: https://rexmox.com/track.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.252.129 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 1
Content-Type: image/jpeg

GET
H/1.1 200
OK success.jpg
rexmox.com/ Frame 587D 1 B
141 B 1113ms
106ms Image
image/jpeg 212.32.252.129
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rexmox.com/success.jpg?afstatus=1&afsecure=8739fcfb736cb07783b3ced525423340
Requested by: Host: rexmox.com
URL: https://rexmox.com/track.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.252.129 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 1
Content-Type: image/jpeg

GET
H2 200 /
www.facebook.com/tr/ Frame DD50 44 B
144 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=null&ev=6031916699231&dl=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&rl=&if=true&ts=1546078501368&cd[value]=0.00&cd[currency]=EUR
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sat, 29 Dec 2018 10:15:02 GMT

GET
H2

200

ga-audiences
www.google.de/ads/ Frame 023B
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1451631493&t=pageview&_s=1&dl=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-46...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-31105670-11&cid=9413793.1546078501&jid=1858407684&_gid=893615440.1546078501&gjid=590942775&_v=j72&z=1431072101
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31105670-11&cid=9413793.1546078501&jid=1858407684&_v=j72&z=1431072101
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31105670-11&cid=9413793.1546078501&jid=1858407684&_v=j72&z=1431072101&slf_rd=1&random=3158290815

42 B
109 B

18ms
16ms

Image
image/gif

2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31105670-11&cid=9413793.1546078501&jid=1858407684&_v=j72&z=1431072101&slf_rd=1&random=3158290815

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:02 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31105670-11&cid=9413793.1546078501&jid=1858407684&_v=j72&z=1431072101&slf_rd=1&random=3158290815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame 8573 43 B
167 B 139ms
138ms Image
image/gif 199.16.156.11
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=l6pdv&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.11 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 7
pragma: no-cache
last-modified: Sat, 29 Dec 2018 10:15:02 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 56ab497c9c2e990da491fcd988a17904
x-transaction: 00a3b8a300047378
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame 2A29 43 B
119 B 140ms
139ms Image
image/gif 199.16.156.11
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=l6pe1&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.11 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 8
pragma: no-cache
last-modified: Sat, 29 Dec 2018 10:15:02 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 56ab497c9c2e990da491fcd988a17904
x-transaction: 0011525300273c36
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame 03B4 43 B
119 B 139ms
139ms Image
image/gif 199.16.156.11
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=l6pdx&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.11 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 7
pragma: no-cache
last-modified: Sat, 29 Dec 2018 10:15:02 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 56ab497c9c2e990da491fcd988a17904
x-transaction: 00ecf37d00ad9e35
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK success.jpg
rexmox.com/ Frame 3235 1 B
141 B 419ms
138ms Image
image/jpeg 212.32.252.129
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rexmox.com/success.jpg?afstatus=1&afsecure=8739fcfb736cb07783b3ced525423340
Requested by: Host: rexmox.com
URL: https://rexmox.com/track.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.252.129 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 1
Content-Type: image/jpeg

GET
H/1.1 200
OK success.jpg
rexmox.com/ Frame F1DD 1 B
141 B 436ms
70ms Image
image/jpeg 212.32.252.129
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rexmox.com/success.jpg?afstatus=1&afsecure=8739fcfb736cb07783b3ced525423340
Requested by: Host: rexmox.com
URL: https://rexmox.com/track.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.252.129 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 1
Content-Type: image/jpeg

GET
H/1.1 200
OK i.js Show response
mathid.mathtag.com/d/ Frame D0F3 54 KB
19 KB 117ms
42ms Script
text/javascript 185.29.133.52
MediaMath Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://mathid.mathtag.com/d/i.js
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=826338&mt_adid=130512&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software: / Express
Resource Hash: b08fefb255b40cd18b0f7db8ec21c6f0c79d16aa828d7ed9157da12a38538682

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:02 GMT
Content-Encoding: gzip
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
X-MM-Host: zrh-mathid-x2
Connection: keep-alive
Access-Control-Allow-Headers: Content-type, X-Optout
Keep-Alive: timeout=360
Expires: Sat, 29 Dec 2018 11:15:02 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1017431242/ Frame D0AE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017431242/?random=111782961&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&...
https://www.google.com/pagead/1p-conversion/1017431242/?random=111782961&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_a...
https://www.google.de/pagead/1p-conversion/1017431242/?random=111782961&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah...

42 B
109 B

22ms
21ms

Image
image/gif

2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1017431242/?random=111782961&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JUknXJDSINf0gAfdnbGoCw&random=4054243913&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/1017431242/?random=111782961&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JUknXJDSINf0gAfdnbGoCw&random=4054243913&resp=GooglemKTybQhCsO&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iframe
pixel.mathtag.com/sync/ Frame 8F22 0
0 114ms
39ms Document
text/html 2.18.233.201
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=b2d15c27-3aea-4800-b83a-218a2dfcdcde&no_iframe=1&mt_adid=130512
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=826338&mt_adid=130512&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x22 /
Resource Hash

Request headers

Host: pixel.mathtag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Accept-Encoding: gzip, deflate, br
Cookie: uuid=b2d15c27-3aea-4800-b83a-218a2dfcdcde; uuidc=R8tC8jkkp2GkvSiQ994QYdKnabF5XqSvlZLwh3mmDBzYLE0DxPAXHXOgxtO+KIOIagt/zM22d5H+GI+S8ikPnMyNY7CulbZzkAvqPaZc9AY=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Response headers

Content-Type: text/html
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x22
Expires: Sat, 29 Dec 2018 10:15:00 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1739
Date: Sat, 29 Dec 2018 10:15:02 GMT
Connection: keep-alive

GET
H2 200 /
www.google.com/pagead/1p-user-list/1017431242/ Frame F8D1 42 B
118 B 22ms
21ms Image
image/gif 2a00:1450:4001:819::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1017431242/?random=1546078501325&cv=9&fst=1546077600000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=645538540&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:02 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1017431242/ Frame F8D1 42 B
109 B 21ms
21ms Image
image/gif 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1017431242/?random=1546078501325&cv=9&fst=1546077600000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=645538540&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:02 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1017431242/ Frame 38E2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017431242/?random=1917787969&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991...
https://www.google.com/pagead/1p-conversion/1017431242/?random=1917787969&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/1017431242/?random=1917787969&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_a...

42 B
109 B

28ms
27ms

Image
image/gif

2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1017431242/?random=1917787969&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JUknXJTeJMj3gAeB8I-4DQ&random=99779462&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/1017431242/?random=1917787969&cv=9&fst=*&num=1&label=THpiCLOgtF8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JUknXJTeJMj3gAeB8I-4DQ&random=99779462&resp=GooglemKTybQhCsO&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1017431242/ Frame E61C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017431242/?random=1975383086&cv=9&fst=*&num=1&label=Q7dECJ323V8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991...
https://www.google.com/pagead/1p-conversion/1017431242/?random=1975383086&cv=9&fst=*&num=1&label=Q7dECJ323V8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/1017431242/?random=1975383086&cv=9&fst=*&num=1&label=Q7dECJ323V8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_a...

42 B
109 B

20ms
20ms

Image
image/gif

2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1017431242/?random=1975383086&cv=9&fst=*&num=1&label=Q7dECJ323V8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JUknXOn-JcuB-gbywKK4Cw&random=1151817809&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Dec 2018 10:15:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/1017431242/?random=1975383086&cv=9&fst=*&num=1&label=Q7dECJ323V8QyomT5QM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https://account.arena.net/verify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=JUknXOn-JcuB-gbywKK4Cw&random=1151817809&resp=GooglemKTybQhCsO&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 8573 31 B
267 B 142ms
142ms Script
application/javascript 199.16.156.200
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=l6pdv&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.200 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 11
pragma: no-cache
last-modified: Sat, 29 Dec 2018 10:15:03 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 004cbc67d96bf268fa713d5e1f5fb084
x-transaction: 005a02f000d9f9ec
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 2A29 31 B
216 B 140ms
139ms Script
application/javascript 199.16.156.200
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=l6pe1&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.200 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 8
pragma: no-cache
last-modified: Sat, 29 Dec 2018 10:15:03 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 004cbc67d96bf268fa713d5e1f5fb084
x-transaction: 0001257c003cc9ef
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 03B4 31 B
112 B 141ms
140ms Script
application/javascript 199.16.156.200
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=l6pdx&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Faccount.arena.net%2Fverify%3Fuserid%3D710D8B34-3E01-E911-81B6-95103C0D6492%26sessid%3D027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.200 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 10:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 8
pragma: no-cache
last-modified: Sat, 29 Dec 2018 10:15:03 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 004cbc67d96bf268fa713d5e1f5fb084
x-transaction: 002c12c500a9faff
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK consent.js Show response
s.adroll.com/j/ 67 KB
68 KB 116ms
16ms Script
application/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4983cd18419e417077dcc013922828394049ce6c65db6a782d2d73f225d46089

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: yvF3y5OARyGYjZyuW4BqgiCbPvLhhPrH
x-amz-request-id: C660C44E50C70FE5
x-amz-server-side-encryption: AES256
Date: Sat, 29 Dec 2018 10:15:03 GMT
Connection: keep-alive
Content-Length: 68722
x-amz-id-2: D7ez5VHgmq75oSk+RV5Bvhwc+NyzWhhLo0yRY2QgLPT4BylissuMXb5SUYS+jrJbzj5Q5WIVZIU=
Last-Modified: Thu, 06 Dec 2018 16:37:43 GMT
Server: AmazonS3
ETag: "53cd26585ff224c6851303016ec98536"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame D0F3 3 KB
4 KB 42ms
41ms Script
text/javascript 2.18.233.201
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=826338&mt_adid=130512&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&no_log&mathid_data=%7B%22dv1%22%3A%22TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2%22%2C%22dv2%22%3A%22NWI2NjgwZjU1ZmFiYmMxM2YxMGMwMDgyNTM4NjQ0OTk%3D%22%2C%22dv3%22%3A%22%22%2C%22dv4%22%3A%22MTYwMHwxMjAwfDE2MDB8MTIwMHwyNHx8%22%2C%22dv5%22%3A%22VVRD%22%2C%22dv6%22%3A%22%22%2C%22dv7%22%3A%22MA%3D%3D%22%2C%22dv8%22%3A%22ZmFsc2V8dHJ1ZXx0cnVl%22%2C%22dv9%22%3A%22fGVuLVVTfA%3D%3D%22%2C%22dv10%22%3A%22TW96aWxsYXxOZXRzY2FwZXxMaW51eCB4ODZfNjR8%22%7D
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=826338&mt_adid=130512&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x22 /
Resource Hash: 49ca08d2e89f7d6e2dea2af84dee05c33f541b582e9da54df0c1bede03b2da1c

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:03 GMT
Server: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x22
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 3252
Expires: Sat, 29 Dec 2018 10:15:02 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame D0F3 2 KB
3 KB 35ms
33ms Script
text/javascript 2.18.233.201
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1245353&mt_adid=197400&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_uuid=b2d15c27-3aea-4800-b83a-218a2dfcdcde
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=826338&mt_adid=130512&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&no_log&mathid_data=%7B%22dv1%22%3A%22TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2%22%2C%22dv2%22%3A%22NWI2NjgwZjU1ZmFiYmMxM2YxMGMwMDgyNTM4NjQ0OTk%3D%22%2C%22dv3%22%3A%22%22%2C%22dv4%22%3A%22MTYwMHwxMjAwfDE2MDB8MTIwMHwyNHx8%22%2C%22dv5%22%3A%22VVRD%22%2C%22dv6%22%3A%22%22%2C%22dv7%22%3A%22MA%3D%3D%22%2C%22dv8%22%3A%22ZmFsc2V8dHJ1ZXx0cnVl%22%2C%22dv9%22%3A%22fGVuLVVTfA%3D%3D%22%2C%22dv10%22%3A%22TW96aWxsYXxOZXRzY2FwZXxMaW51eCB4ODZfNjR8%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x9 /
Resource Hash: 77e892831f3174bd2eab2aa611a7546f8b67286b7d6d3a2be1a73e1f062f6901

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:03 GMT
Server: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 2463
Expires: Sat, 29 Dec 2018 10:15:02 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame D0F3 43 B
465 B 34ms
33ms Image
image/gif 2.18.233.201
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x22 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:03 GMT
Server: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x22
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 29 Dec 2018 10:15:02 GMT

GET
H/1.1 200
OK hod
d.adroll.com/consent/ 42 B
264 B 90ms
31ms Image
image/gif 54.247.82.163
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/consent/hod?_e=view_banner&_s=8d50948cfd0201ccfb189c86a58210f5&_b=626d9f6089ce68&_a=DCNZ5EPJOZHFDKQ5IJRKIL
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.82.163 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-82-163.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:03 GMT
Cache-Control: no-transform,public,max-age=300,s-maxage=900
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 42
Vary: Cookie
Content-Type: image/gif

GET
H/1.1 200
OK iframe
pixel.mathtag.com/sync/ Frame 7FAB 0
0 30ms
30ms Document
text/html 2.18.233.201
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?realm=batch_supply&mt_adid=130512&mt_id=826338&mt_nobot=1
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=826338&mt_adid=130512&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&no_log&mathid_data=%7B%22dv1%22%3A%22TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2%22%2C%22dv2%22%3A%22NWI2NjgwZjU1ZmFiYmMxM2YxMGMwMDgyNTM4NjQ0OTk%3D%22%2C%22dv3%22%3A%22%22%2C%22dv4%22%3A%22MTYwMHwxMjAwfDE2MDB8MTIwMHwyNHx8%22%2C%22dv5%22%3A%22VVRD%22%2C%22dv6%22%3A%22%22%2C%22dv7%22%3A%22MA%3D%3D%22%2C%22dv8%22%3A%22ZmFsc2V8dHJ1ZXx0cnVl%22%2C%22dv9%22%3A%22fGVuLVVTfA%3D%3D%22%2C%22dv10%22%3A%22TW96aWxsYXxOZXRzY2FwZXxMaW51eCB4ODZfNjR8%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x3 /
Resource Hash

Request headers

Host: pixel.mathtag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Accept-Encoding: gzip, deflate, br
Cookie: uuid=b2d15c27-3aea-4800-b83a-218a2dfcdcde; uuidc=R8tC8jkkp2GkvSiQ994QYdKnabF5XqSvlZLwh3mmDBzYLE0DxPAXHXOgxtO+KIOIagt/zM22d5H+GI+S8ikPnMyNY7CulbZzkAvqPaZc9AY=; mt_mop=; mt_misc=mt_bt:1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8

Response headers

Content-Type: text/html
Content-Length: 549
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x3
Expires: Sat, 29 Dec 2018 10:15:02 GMT
Date: Sat, 29 Dec 2018 10:15:03 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame D0F3 43 B
473 B 29ms
29ms Image
image/gif 2.18.233.201
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by: Host: account.arena.net
URL: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x7 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://account.arena.net/verify?userid=710D8B34-3E01-E911-81B6-95103C0D6492&sessid=027E6107-465B-4BDD-B4E5-D0E4AC8778D8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:15:13 GMT
Server: MT3 1.31.3.3 92abae7 DPLAT-1101 cdg-pixel-x7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 29 Dec 2018 10:15:12 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.popmog.com
URL: https://track.popmog.com/registration.html?rid=777e051a-77a8-476a-8f54-a5d02a4d8cd4&game_license_id=8300

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2g-secure.com
account.arena.net
account.staticwars.com
ads.blindferretmedia.com
analytics.twitter.com
bs.serving-sys.com
connect.facebook.net
d.adroll.com
go.apptrk.io
go.playmmogames.com
googleads.g.doubleclick.net
guildwars2.go2cloud.org
ib.adnxs.com
mathid.mathtag.com
muntsbjct-nonernal.com
pixel.mathtag.com
platform.twitter.com
pubads.g.doubleclick.net
rexmox.com
s.adroll.com
secure-ds.serving-sys.com
secure.adnxs.com
server.cpmstar.com
shop.pistenbully.com
ssl.gamereg.net
static.ads-twitter.com
static.mmotraffic.com
static.staticwars.com
stats.g.doubleclick.net
t.co
track.popmog.com
tracking.crobo.com
trk.wescale.it
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.guildwars2.com
track.popmog.com
104.244.46.176
163.172.109.112
172.217.22.2
172.217.22.98
185.29.133.52
185.33.223.100
185.33.223.83
198.24.162.123
198.24.170.27
199.16.156.11
199.16.156.200
2.18.233.201
2.18.233.40
212.32.252.129
213.133.127.56
23.38.59.137
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:816::2003
2a00:1450:4001:819::2004
2a00:1450:4001:821::2008
2a00:1450:400c:c08::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.122.17.232
3.122.79.2
34.250.93.170
34.251.79.160
35.159.5.116
52.213.56.130
54.154.158.40
54.171.198.96
54.230.95.238
54.230.95.7
54.230.95.84
54.235.165.206
54.247.82.163
54.72.199.154
82.199.68.73
0fe6f1b8fa310d707f732d8d942234bda124653775ac8c6f2d1c81853eb8a773
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14fb80a7bda764a3434eaacdb50025534e7364b214fbf6cd034d4c0a365a1b69
177c5f1b1eec80e1241af3bdcf47ce9280d551a297a970449d0b0067302c2cd4
1a49ab1b971e7fd1882556e493039883e00555fde97f06987513f2155ec8ea66
23e69d8a18b33043df5d011dd3ecb503bd1624328ea72a330229c6ed39f32176
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3348402d756ddb8ac3bc49f660cfc25cd535309bbe3219b0d3ff39ae67ad1dff
3ae9d921786e10f934d7529411254b8fa77861c8d8002e60321a3002254db6f4
440cd745f8aed3064c7cfd1a9154e1767cd7fee911f729f9cb4d69eb7b954434
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48ed155c0fa68fd94a83db894deb58ad52f91548a19055df2cd4a94b53d73b2a
4983cd18419e417077dcc013922828394049ce6c65db6a782d2d73f225d46089
49ca08d2e89f7d6e2dea2af84dee05c33f541b582e9da54df0c1bede03b2da1c
4ab90769eaf3cb7bcb40b1401c60cebfcac58c8f15c6d6a12d232d408ddb7668
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
516cd6e95d1d1b6289c5454faaee97391aacef30a293dfe554eb2361c2bf2554
6f43e1e85c42d5e449308701054501d9867a7254c9a8734406afbc89b3dfe5b4
77e892831f3174bd2eab2aa611a7546f8b67286b7d6d3a2be1a73e1f062f6901
7dbf298eb65ba89de3052ccb475c99643f19ab2a584bcbc6d584a9cc2744da3c
809f8909eca5e961b54027516b842d7fd827292bea1f1ad8255e14fc0b250885
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8663bcdc3cbd483e4b58627f3675f878544fcf213947a732500214233ae200fe
894ccea8e9987ed2e66b8c4b320d37427f90b7e7df1c153e9254a57f5af97d0a
8bd0f06b46d9a88baf3dc7da62f3838e7b7f286baf300ec2aaad0dca55acebcd
9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308
9f7ec14b65196ecc6380422716725a5a5dcb4261f5988ef381905dd0f8fd031f
a505a888739fef6277c2b08cbea4e10c124a5c31943a0b6bb0b249637dc40213
a936104a8a5bb59016dbf7505f57488e5cd88eeaeb1bd00ae7a7bff71251a8cf
aa7c6cab13c83d2d3e5ed8f41556b8d0965f7a14b1af8825c424229763687a2a
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b08fefb255b40cd18b0f7db8ec21c6f0c79d16aa828d7ed9157da12a38538682
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
c0e1dfee77d0af80abbd82f331ef7a33d0767aa15ce7b8d3b1c7c39114c7a14b
c1e8b0da242c479efead460856546e711b39dd43df0b136dcfe53fec3091a3d9
c4d0e9217f2a10152e30b60085e3552effbb2f8401564e787a20dd5bdab3c516
c635ded98a0b747002e2f0fcd000b64f5044338e48060a66b665d4e873a7e1d9
cfab2a7034d9cdd2293b4c271abe06a5a1a62b6dffe0a2500ec04ec0661e0b27
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1168b618520212b93da49a2ad80137dd25bbed772580dd92af0a876d80c4573
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb551dc72beb23b1907ec4a6ff58db1c82821db8cafe627d8aece17b72b0a245
ecf74f827a3f7ff4c8e718bfac1591c46ae9bb3c2f56782e56d783fe8e08089b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

account.arena.net Open in urlscan Pro 3.122.79.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

96 Requests

93 %HTTPS

23 %IPv6

32 Domains

40 Subdomains

37 IPs

6 Countries

444 kBTransfer

1001 kBSize

0 Cookies

9 Outgoing links

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

account.arena.net Open in urlscan Pro
3.122.79.2 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

93 %
HTTPS

23 %
IPv6

32
Domains

40
Subdomains

37
IPs

6
Countries

444 kB
Transfer

1001 kB
Size

0
Cookies

96 HTTP transactions
0 data transactions