urlscan.io logo urlscan.io
SecurityTrails logo

gamestopsaga.paulmxller.md2site.com Open in urlscan Pro
35.224.50.130  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gamestopsaga.paulmxller.md2site.com/
Effective URL: https://gamestopsaga.paulmxller.md2site.com/
Submission: On January 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 26 HTTP transactions. The main IP is 35.224.50.130, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is gamestopsaga.paulmxller.md2site.com.
TLS certificate: Issued by R3 on January 8th 2022. Valid for: 3 months.
This is the only time gamestopsaga.paulmxller.md2site.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    35.224.50.130 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 130.50.224.35.bc.googleusercontent.com
gamestopsaga.paulmxller.md2site.com
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    51.210.32.106 (Aix-en-Provence, France)

ASN16276 (OVH, FR)
PTR: ns3172579.ip-51-210-32.eu
i.ibb.co
1    18.66.97.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-42.fra56.r.cloudfront.net
s3.tradingview.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
9    18.66.139.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-79.fra60.r.cloudfront.net
s.tradingview.com
4    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2600:9000:225e:e000:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
s3-symbol-logo.tradingview.com
Apex Domain
Subdomains		 Transfer
13 tradingview.com
s3.tradingview.com — Cisco Umbrella Rank: 17070
s.tradingview.com — Cisco Umbrella Rank: 20884
s3-symbol-logo.tradingview.com — Cisco Umbrella Rank: 25714
475 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
40 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
134 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 88
498 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
113 KB
2 md2site.com
gamestopsaga.paulmxller.md2site.com
7 KB
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 13407
58 KB
26 7
Domain Requested by
9 s.tradingview.com s3.tradingview.com
s.tradingview.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 s3-symbol-logo.tradingview.com
3 www.googletagmanager.com gamestopsaga.paulmxller.md2site.com
www.googletagmanager.com
s.tradingview.com
2 www.facebook.com gamestopsaga.paulmxller.md2site.com
2 connect.facebook.net gamestopsaga.paulmxller.md2site.com
connect.facebook.net
2 gamestopsaga.paulmxller.md2site.com 1 redirects
1 s3.tradingview.com gamestopsaga.paulmxller.md2site.com
1 i.ibb.co gamestopsaga.paulmxller.md2site.com
26 9
Subject Issuer Validity Valid
gamestopsaga.paulmxller.md2site.com
R3		 2022-01-08 -
2022-04-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
ibb.co
R3		 2021-12-05 -
2022-03-05		 3 months crt.sh
*.tradingview.com
Amazon		 2021-03-11 -
2022-04-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-21 -
2022-01-19		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://gamestopsaga.paulmxller.md2site.com/
Frame ID: 91756280FC3FE8D28139F09B3A4C9B79
Requests: 12 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
Frame ID: F8AF710D7178D0564303A66C9D249752
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GameStopedia

Page URL History Show full URLs

  1. http://gamestopsaga.paulmxller.md2site.com/ HTTP 301
    https://gamestopsaga.paulmxller.md2site.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

26
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

827 kB
Transfer

2491 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gamestopsaga.paulmxller.md2site.com/ HTTP 301
    https://gamestopsaga.paulmxller.md2site.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gamestopsaga.paulmxller.md2site.com/
Redirect Chain
  • http://gamestopsaga.paulmxller.md2site.com/
  • https://gamestopsaga.paulmxller.md2site.com/
18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gamestopsaga.paulmxller.md2site.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.224.50.130 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.50.224.35.bc.googleusercontent.com
Software
Apache/2.4.46 (Ubuntu) /
Resource Hash
bdfb22478a12276b68ed1a9c7db26a500b69b32e7a0741c540a8890e5cb985b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 12 Jan 2022 13:11:50 GMT
Server
Apache/2.4.46 (Ubuntu)
Last-Modified
Tue, 11 Jan 2022 23:49:37 GMT
ETag
"4668-5d5571b1f4ddd-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
6629
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Wed, 12 Jan 2022 13:11:49 GMT
Server
Apache/2.4.46 (Ubuntu)
Location
https://gamestopsaga.paulmxller.md2site.com/
Content-Length
353
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
js
www.googletagmanager.com/gtag/ 		168 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JJTT7LJYCH
Requested by
Host: gamestopsaga.paulmxller.md2site.com
URL: https://gamestopsaga.paulmxller.md2site.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89bb9114af96f1ca84faab28b7f765ebc53dcfd966be0a717fe876c7294ffba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestopsaga.paulmxller.md2site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 13:11:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63604
x-xss-protection
0
expires
Wed, 12 Jan 2022 13:11:50 GMT
gme-logo.png
i.ibb.co/RQsyjV6/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/RQsyjV6/gme-logo.png
Requested by
Host: gamestopsaga.paulmxller.md2site.com
URL: https://gamestopsaga.paulmxller.md2site.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.210.32.106 Aix-en-Provence, France, ASN16276 (OVH, FR),
Reverse DNS
ns3172579.ip-51-210-32.eu
Software
nginx /
Resource Hash
b5cd749cb21feaf9f310e93da48e7941aa496f80beac0cad3542c08ea782d482

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestopsaga.paulmxller.md2site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 13:11:50 GMT
last-modified
Mon, 10 Jan 2022 09:41:20 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
58725
expires
Thu, 31 Dec 2037 23:55:55 GMT
embed-widget-ticker-tape.js
s3.tradingview.com/external-embedding/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by
Host: gamestopsaga.paulmxller.md2site.com
URL: https://gamestopsaga.paulmxller.md2site.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33cfd3133e47050e87c16e658a97ac28ab99fd65942b61c3f72cba7d076dbf7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestopsaga.paulmxller.md2site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 12:10:40 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Wed, 12 Jan 2022 12:10:32 GMT
server
AmazonS3
age
3671
etag
"b82e4bc417499a36cc2882f5338b8f01"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
11108
x-amz-cf-id
cbNI3bYHrqmQr1VLfLyX_bKmf3a9DTvFXR8VfU70fgkvYe8Ay2tjVw==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gamestopsaga.paulmxller.md2site.com
URL: https://gamestopsaga.paulmxller.md2site.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestopsaga.paulmxller.md2site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
S71DzU/nHR0LYJK+WgF4uKgUxd83KI3Y6Qjpo8Nb2c4Is4e0L6KiheeUtOONDgBMi3K1UVAatt1fLTfB6YF/gg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 12 Jan 2022 13:11:50 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
s.tradingview.com/embed-widget/ticker-tape/ Frame F8AF 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
Requested by
Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-79.fra60.r.cloudfront.net
Software
tv /
Resource Hash
8b9650a940dc91c08117a7c0804694013616f67cd2c5dbdf600a295fdadda0ea
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-Bo2Mub9miyCHf6gpXqV1KQ=='; base-uri 'none'; report-uri /csp-report/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gamestopsaga.paulmxller.md2site.com/

Response headers

content-type
text/html; charset=utf-8
date
Wed, 12 Jan 2022 13:11:30 GMT
expires
Wed, 12 Jan 2022 13:13:30 GMT
cache-control
max-age=120
content-security-policy
default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-Bo2Mub9miyCHf6gpXqV1KQ=='; base-uri 'none'; report-uri /csp-report/
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
tv
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding,Cookie
x-cache
Hit from cloudfront
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
9oWA5n8z6GVt6xDiYwVxlh4q0ygoaRmoPTc9ges7hCBJtRizAHfdTg==
age
20
349974126585779
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/349974126585779?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
04ae1bab98033148ad538f75de16668550ba546065da0ed238652bc3dcb1dc60
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestopsaga.paulmxller.md2site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
aQYdEhdh6TTBXeSKBCuvEBm8fvdNGKw2Dyq4syZWpftqmd2PGdDXWVLxsYdsgOGmtQlpSvSUcZxsHNCFyffk8g==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 12 Jan 2022 13:11:50 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128985927-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJTT7LJYCH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
908db561476c0ccbf79d6157f4d9b1c7846ad8297c9715b2ce20859e03c42d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestopsaga.paulmxller.md2site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 13:11:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36633
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jan 2022 13:11:50 GMT
de.722e038626711715.js
s.tradingview.com/static/localization/translations/ Frame F8AF 		1 MB
295 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tradingview.com/static/localization/translations/de.722e038626711715.js
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-79.fra60.r.cloudfront.net
Software
tv /
Resource Hash
1dfe717419e06af83cee15d2ba2884073ca2610383232924915693ecd06f3f9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
Origin
https://s.tradingview.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 10:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8083
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Wed, 12 Jan 2022 09:59:25 GMT
server
tv
etag
W/"61dea67d-49340"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
aLxBQ94sDd2uuGwky3WtIa4i-36Gx9eLRBMgUh_9olmCPG97mo6hVQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
runtime.652fd082deae9d882fb5.js
s.tradingview.com/static/bundles/embed/ Frame F8AF 		44 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tradingview.com/static/bundles/embed/runtime.652fd082deae9d882fb5.js
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-79.fra60.r.cloudfront.net
Software
tv /
Resource Hash
1d249c1df55c29314cb71ba31616fc3167f5e74a208532cf79fa7cffe9c77395
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
Origin
https://s.tradingview.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 12:13:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3524
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Wed, 12 Jan 2022 11:36:25 GMT
server
tv
etag
W/"61debd39-5c37"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
wN7zISP2RuwR8ssN2Z5z-cLOSFA8CGLR1SEYGKnmhtAHeU8XefMCFA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
vendors_embed.d76fefa3fece70ff3a71.js
s.tradingview.com/static/bundles/embed/ Frame F8AF 		144 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tradingview.com/static/bundles/embed/vendors_embed.d76fefa3fece70ff3a71.js
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-79.fra60.r.cloudfront.net
Software
tv /
Resource Hash
70dd390dbbffd306539aabdfd281cfebf3a07b3283203938fae8fb9acc0a6211
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
Origin
https://s.tradingview.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 09:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533023
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Thu, 06 Jan 2022 08:50:58 GMT
server
tv
etag
W/"61d6ad72-ba80"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
O1hGG1tIuSdkv1WyPoGrQU0eqPl-LZTy1IS-9e4V1UeqdH3jb6TL8Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
embed_ticker_tape_widget.b2752bdfe5dba6a9254c.js
s.tradingview.com/static/bundles/embed/ Frame F8AF 		282 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.b2752bdfe5dba6a9254c.js
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-79.fra60.r.cloudfront.net
Software
tv /
Resource Hash
260a1bc8fb669ba254780cd9a20498516c7590a120f866f6ecfba90a09b3e809
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
Origin
https://s.tradingview.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 10:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8081
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Wed, 12 Jan 2022 09:59:31 GMT
server
tv
etag
W/"61dea683-13a37"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
owXM52apJFZJBoKZhj9KraRsfOb7GwgT0punyCq7gLAvV8qUvtoPaA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
css_embed_normalize.0f19b168d88c5e2b6ad0.css
s.tradingview.com/static/bundles/embed/ Frame F8AF 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.tradingview.com/static/bundles/embed/css_embed_normalize.0f19b168d88c5e2b6ad0.css
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-79.fra60.r.cloudfront.net
Software
tv /
Resource Hash
6d1da18bcbaa7c9281f213e1815476a74289e661714323d7b59df17706969d08
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 10:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5538885
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Tue, 09 Nov 2021 10:06:01 GMT
server
tv
etag
W/"618a4809-2be"
vary
Accept-Encoding
content-type
text/css
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
M18PK-AuqLZhBlPQWHYDFiyps-7QoaJIsAfnN5wOVdkEvBT2YD5-iw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
embed_ticker_tape_widget.63d0619be32eeb393f83.css
s.tradingview.com/static/bundles/embed/ Frame F8AF 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.63d0619be32eeb393f83.css
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-79.fra60.r.cloudfront.net
Software
tv /
Resource Hash
81a5152120b935d5f14a5bb1dfda5ad939062d75168d22260eeb5ec7319f73f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 10:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8082
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Wed, 12 Jan 2022 09:59:31 GMT
server
tv
etag
W/"61dea683-fc8"
vary
Accept-Encoding
content-type
text/css
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
Y--WEoK7UAFGN1oaLOZ5cmeEPQdR3d60SPMK8CrNlaDMeiiJhoZRfg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128985927-2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestopsaga.paulmxller.md2site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5816
date
Wed, 12 Jan 2022 11:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 12 Jan 2022 13:34:54 GMT
collect
www.google-analytics.com/g/ 		0
184 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JJTT7LJYCH&gtm=2oe1a0&_p=1966141722&sr=1600x1200&ul=en-us&cid=73432125.1641993110&_s=1&dl=https%3A%2F%2Fgamestopsaga.paulmxller.md2site.com%2F&dt=GameStopedia&sid=1641993110&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJTT7LJYCH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gamestopsaga.paulmxller.md2site.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 12 Jan 2022 13:11:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gamestopsaga.paulmxller.md2site.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame F8AF 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-132755435-1
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.b2752bdfe5dba6a9254c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9bed32f882ce8f976af9afb51a48cd42d1d8cc3a4f758c2f16dfd17207eb4a03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 13:11:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36628
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jan 2022 13:11:50 GMT
63158.982f1e40be21040b888f.css
s.tradingview.com/static/bundles/embed/ Frame F8AF 		801 B
759 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.tradingview.com/static/bundles/embed/63158.982f1e40be21040b888f.css
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.652fd082deae9d882fb5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-79.fra60.r.cloudfront.net
Software
tv /
Resource Hash
76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 10:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5538883
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Tue, 09 Nov 2021 10:06:02 GMT
server
tv
etag
W/"618a480a-104"
vary
Accept-Encoding
content-type
text/css
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
SZ_rpRssgmmFURWW8yBasjQCVDdw5shGveXCRfdo0QRuB7LGRJxvsg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
tradingview-copyright-data-impl.ac00c2813da1ebf015c3.js
s.tradingview.com/static/bundles/embed/ Frame F8AF 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.ac00c2813da1ebf015c3.js
Requested by
Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.652fd082deae9d882fb5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-79.fra60.r.cloudfront.net
Software
tv /
Resource Hash
3f5eacbef8f64653af592eae02fd061cfd623a33b36ae1c761974f581f19ce7f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/embed-widget/ticker-tape/?locale=de_DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5281003
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
*
referrer-policy
origin-when-cross-origin
last-modified
Fri, 12 Nov 2021 08:51:09 GMT
server
tv
etag
W/"618e2afd-8b0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
Cgzlol8O3TBTgm-sCWTwszOrEug3s31zBzZezUCSNUk8hP5O1Zs0gg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1966141722&t=pageview&_s=1&dl=https%3A%2F%2Fgamestopsaga.paulmxller.md2site.com%2F&ul=en-us&de=UTF-8&dt=GameStopedia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1310819306&gjid=1179190156&cid=73432125.1641993110&tid=UA-128985927-2&_gid=1086323527.1641993110&_r=1&gtm=2ou1a0&z=320124591
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gamestopsaga.paulmxller.md2site.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 12 Jan 2022 13:11:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gamestopsaga.paulmxller.md2site.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=349974126585779&ev=PageView&dl=https%3A%2F%2Fgamestopsaga.paulmxller.md2site.com%2F&rl=&if=false&ts=1641993110481&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1641993110479.322932809&it=1641993110263&coo=false&rqm=GET
Requested by
Host: gamestopsaga.paulmxller.md2site.com
URL: https://gamestopsaga.paulmxller.md2site.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestopsaga.paulmxller.md2site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 13:11:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 12 Jan 2022 13:11:50 GMT
analytics.js
www.google-analytics.com/ Frame F8AF 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132755435-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5816
date
Wed, 12 Jan 2022 11:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 12 Jan 2022 13:34:54 GMT
gamestop.svg
s3-symbol-logo.tradingview.com/ Frame F8AF 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-symbol-logo.tradingview.com/gamestop.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:e000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 12:19:25 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 08:53:53 GMT
server
AmazonS3
age
3388
etag
W/"bbf56edc1acae4673f8e03ab9e3e2290"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
cache-control
max-age=2592000,s-maxage=3600
x-amz-cf-pop
FRA60-P4
x-amz-meta-hash
bbf56edc1acae4673f8e03ab9e3e2290
x-amz-cf-id
Xmz85pU1eF93Hx5AHuw6tn8NkP5uQr1RmoSPcvWuBY51R0VmtmEOww==
US.svg
s3-symbol-logo.tradingview.com/country/ Frame F8AF 		3 KB
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-symbol-logo.tradingview.com/country/US.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:e000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 12:23:08 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 09:01:07 GMT
server
AmazonS3
age
2923
etag
W/"2a945cbbe3767a4009ec5f2c655780a7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
cache-control
max-age=2592000,s-maxage=3600
x-amz-cf-pop
FRA60-P4
x-amz-meta-hash
2a945cbbe3767a4009ec5f2c655780a7
x-amz-cf-id
eXiZAF_pou_bC4viNGMH0bT3klVSpApjmcVl3vIZfotvBwe1wx3HwA==
XTVCLRC.svg
s3-symbol-logo.tradingview.com/crypto/ Frame F8AF 		236 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-symbol-logo.tradingview.com/crypto/XTVCLRC.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:e000:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4253ad647b8375f560c02e593ae94ccc1fec2be06c41b57fc834f9ad9e5b1a58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.tradingview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 12:34:33 GMT
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
last-modified
Wed, 08 Sep 2021 09:04:16 GMT
server
AmazonS3
age
2268
etag
"7657f2608024362efdbfdf0ce0dd9333"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000,s-maxage=3600
accept-ranges
bytes
x-amz-cf-pop
FRA60-P4
x-amz-meta-hash
7657f2608024362efdbfdf0ce0dd9333
content-length
236
x-amz-cf-id
eL8zaQ1vUZkTGBiY0oyq_nR1wNFfZKUvoQY8cZPBygyW8B1oTio8Fw==
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=349974126585779&ev=Microdata&dl=https%3A%2F%2Fgamestopsaga.paulmxller.md2site.com%2F&rl=&if=false&ts=1641993111984&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22GameStopedia%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1641993110479.322932809&it=1641993110263&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamestopsaga.paulmxller.md2site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 13:11:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 12 Jan 2022 13:11:51 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onsecuritypolicyviolation object| onslotchange function| gtag object| dataLayer function| fbq function| _fbq object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

6 Cookies

Domain/Path Name / Value
.md2site.com/ Name: _ga_JJTT7LJYCH
Value: GS1.1.1641993110.1.0.1641993110.0
.md2site.com/ Name: _ga
Value: GA1.2.73432125.1641993110
.md2site.com/ Name: _gid
Value: GA1.2.1086323527.1641993110
.md2site.com/ Name: _gat_gtag_UA_128985927_2
Value: 1
.md2site.com/ Name: _fbp
Value: fb.1.1641993110479.322932809
.facebook.com/ Name: fr
Value: 0igHY8eqjv2ux8ZL9..Bh3tOW...1.0.Bh3tOW.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
gamestopsaga.paulmxller.md2site.com
i.ibb.co
s.tradingview.com
s3-symbol-logo.tradingview.com
s3.tradingview.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
18.66.139.79
18.66.97.42
2600:9000:225e:e000:1f:2f70:3e80:93a1
2a00:1450:4001:80e::200e
2a00:1450:4001:831::2008
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.224.50.130
51.210.32.106
04ae1bab98033148ad538f75de16668550ba546065da0ed238652bc3dcb1dc60
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1d249c1df55c29314cb71ba31616fc3167f5e74a208532cf79fa7cffe9c77395
1dfe717419e06af83cee15d2ba2884073ca2610383232924915693ecd06f3f9f
260a1bc8fb669ba254780cd9a20498516c7590a120f866f6ecfba90a09b3e809
33cfd3133e47050e87c16e658a97ac28ab99fd65942b61c3f72cba7d076dbf7e
3f5eacbef8f64653af592eae02fd061cfd623a33b36ae1c761974f581f19ce7f
4253ad647b8375f560c02e593ae94ccc1fec2be06c41b57fc834f9ad9e5b1a58
4f5b545fc83a1f190bac8c27e5278358fcc6546234317f358c301257b7de4af0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d1da18bcbaa7c9281f213e1815476a74289e661714323d7b59df17706969d08
70dd390dbbffd306539aabdfd281cfebf3a07b3283203938fae8fb9acc0a6211
76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05
81a5152120b935d5f14a5bb1dfda5ad939062d75168d22260eeb5ec7319f73f6
89bb9114af96f1ca84faab28b7f765ebc53dcfd966be0a717fe876c7294ffba9
8b9650a940dc91c08117a7c0804694013616f67cd2c5dbdf600a295fdadda0ea
908db561476c0ccbf79d6157f4d9b1c7846ad8297c9715b2ce20859e03c42d05
9bed32f882ce8f976af9afb51a48cd42d1d8cc3a4f758c2f16dfd17207eb4a03
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b5cd749cb21feaf9f310e93da48e7941aa496f80beac0cad3542c08ea782d482
bdfb22478a12276b68ed1a9c7db26a500b69b32e7a0741c540a8890e5cb985b1
c81c903979f0f4d26051da75d04aeeddb117d01081e0ca9cd8e41f602105e5c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855