www.herozerogame.com Open in urlscan Pro
52.51.183.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gelsbankfas.gq/
Effective URL:
http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Submission: On August 11 via automatic, source certstream-suspicious (August 11th 2019, 12:57:34 am UTC)

Summary HTTP 51 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 25 domains to perform 51 HTTP transactions. The main IP is 52.51.183.202, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.herozerogame.com.

This is the only time www.herozerogame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:30:... 2606:4700:30::6818:7adc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::681b:8f2a	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	2606:4700:30:... 2606:4700:30::6812:2ec4	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	79.110.23.98 79.110.23.98	202023 (LLHOST //...) (LLHOST // M247)
1 2	185.50.248.98 185.50.248.98	209813 (FASTCONTENT) (FASTCONTENT)
1 3	99.198.108.194 99.198.108.194	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC)
1 3	107.6.174.196 107.6.174.196	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC)
1	205.147.93.131 205.147.93.131	393676 (ZENEDGE) (ZENEDGE - Oracle Corporation)
1 1	52.0.152.125 52.0.152.125	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	45.32.92.194 45.32.92.194	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
1 1	52.215.56.20 52.215.56.20	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.51.183.202 52.51.183.202	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
19	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0b	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
3	2.16.106.162 2.16.106.162	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:200... 2600:9000:200c:600:11:647d:8600:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.230.95.111 54.230.95.111	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	172.217.22.38 172.217.22.38	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.190.210.193 35.190.210.193	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	3.81.11.167 3.81.11.167	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	52.218.20.68 52.218.20.68	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
51	26

2 2606:4700:30::6818:7adc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

gelsbankfas.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:8f2a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

manytimes.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6812:2ec4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

touchbonus.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.110.23.98 (Romania) 1 redirects

ASN202023 (LLHOST // M247, RO)

apps0199.hoolidayz77.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.50.248.98 (Haarlem, Netherlands) 1 redirects

ASN209813 (FASTCONTENT, DE)

realcenter-mobileapps2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.198.108.194 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi

best.prizedeal512.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.6.174.196 (Amsterdam, Netherlands) 1 redirects

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: bigfish.setupcentral.network

up.trkgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.147.93.131 (United States)

ASN393676 (ZENEDGE - Oracle Corporation, US)

minently.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.152.125 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-0-152-125.compute-1.amazonaws.com

ps.popcash.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.32.92.194 (Los Angeles, United States) 1 redirects

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 45.32.92.194.vultr.com

trafiocut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.56.20 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-215-56-20.eu-west-1.compute.amazonaws.com

a2g-secure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.183.202 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-51-183-202.eu-west-1.compute.amazonaws.com

www.herozerogame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a01:4a0:1338:28::c38a:ff0b (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

hz-static-landing.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.106.162 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-106-162.deploy.static.akamaitechnologies.com

hz-static-2.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:600:11:647d:8600:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

fstrk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.95.111 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-111.fra2.r.cloudfront.net

d2vig74li2resi.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.38 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f38.1e100.net

4368131.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.210.193 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 193.210.190.35.bc.googleusercontent.com

click.fstrk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.81.11.167 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-81-11-167.compute-1.amazonaws.com

bacon.copperegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.20.68 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	akamaized.net hz-static-landing.akamaized.net hz-static-2.akamaized.net	805 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net 4368131.fls.doubleclick.net googleads.g.doubleclick.net	2 KB
3	trkgenius.com 1 redirects up.trkgenius.com	4 KB
3	prizedeal512.info 1 redirects best.prizedeal512.info	5 KB
2	facebook.net connect.facebook.net	62 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	fstrk.net fstrk.net click.fstrk.net	11 KB
2	trafiocut.com 1 redirects trafiocut.com	1 KB
2	realcenter-mobileapps2.com 1 redirects realcenter-mobileapps2.com	924 B
2	hoolidayz77.live 1 redirects apps0199.hoolidayz77.live	788 B
2	gelsbankfas.gq gelsbankfas.gq	3 KB
1	facebook.com staticxx.facebook.com
1	amazonaws.com s3-eu-west-1.amazonaws.com	354 B
1	copperegg.com bacon.copperegg.com	111 B
1	google.de www.google.de	110 B
1	google.com www.google.com	112 B
1	cloudfront.net d2vig74li2resi.cloudfront.net	4 KB
1	googletagmanager.com www.googletagmanager.com	22 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	herozerogame.com www.herozerogame.com	10 KB
1	a2g-secure.com 1 redirects a2g-secure.com	752 B
1	popcash.net ps.popcash.net Failed	238 B
1	minently.com minently.com	3 KB
1	touchbonus.club 1 redirects touchbonus.club	535 B
1	manytimes.club manytimes.club	729 B
51	25

	Domain	Requested by
19	hz-static-landing.akamaized.net	www.herozerogame.com
3	hz-static-2.akamaized.net	www.herozerogame.com
3	up.trkgenius.com	1 redirects best.prizedeal512.info up.trkgenius.com
3	best.prizedeal512.info	1 redirects realcenter-mobileapps2.com best.prizedeal512.info
2	connect.facebook.net	connect.facebook.net
2	4368131.fls.doubleclick.net	1 redirects www.herozerogame.com
2	www.google-analytics.com	1 redirects www.herozerogame.com
2	trafiocut.com	1 redirects minently.com
2	realcenter-mobileapps2.com	1 redirects apps0199.hoolidayz77.live
2	apps0199.hoolidayz77.live	1 redirects manytimes.club
2	gelsbankfas.gq	gelsbankfas.gq
1	staticxx.facebook.com	connect.facebook.net
1	s3-eu-west-1.amazonaws.com
1	bacon.copperegg.com
1	www.google.de	www.herozerogame.com
1	www.google.com	www.herozerogame.com
1	click.fstrk.net	fstrk.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.herozerogame.com
1	d2vig74li2resi.cloudfront.net	www.herozerogame.com
1	www.googletagmanager.com	www.herozerogame.com
1	www.googleadservices.com	www.herozerogame.com
1	fstrk.net	www.herozerogame.com
1	www.herozerogame.com	trafiocut.com
1	a2g-secure.com	1 redirects
1	ps.popcash.net	minently.com
1	minently.com
1	touchbonus.club	1 redirects
1	manytimes.club	gelsbankfas.gq
51	29

This site contains links to these domains. Also see Links.

Domain
s18.herozerogame.com
silktide.com
speedint1.herozerogame.com
shop.spreadshirt.de
de.herozerogame.com
uk.herozerogame.com
fr.herozerogame.com
pl.herozerogame.com
gr.herozerogame.com
es.herozerogame.com
pt.herozerogame.com
tr.herozerogame.com
it.herozerogame.com
ru.herozerogame.com
cz.herozerogame.com
bg.herozerogame.com
lt.herozerogame.com
ro.herozerogame.com
br.herozerogame.com
mx.herozerogame.com
us.herozerogame.com
la.herozerogame.com
ap.herozerogame.com
www.facebook.com
twitter.com
app.adjust.io
store.steampowered.com
forum.herozerogame.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-08-11` - `2020-08-10`	a year	crt.sh
best.prizedeal512.info Let's Encrypt Authority X3	`2019-06-20` - `2019-09-18`	3 months	crt.sh
up.trkgenius.com Let's Encrypt Authority X3	`2019-07-21` - `2019-10-19`	3 months	crt.sh
minently.com Let's Encrypt Authority X3	`2019-07-12` - `2019-10-10`	3 months	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-10-18` - `2019-10-18`	a year	crt.sh
fstrk.net Amazon	`2018-12-20` - `2020-01-20`	a year	crt.sh
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-07-29` - `2019-10-27`	3 months	crt.sh
click.fstrk.net Let's Encrypt Authority X3	`2019-06-13` - `2019-09-11`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-11-08` - `2019-11-06`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Frame ID: F51C6C9026679736C9D4369B2EC66455
Requests: 51 HTTP requests in this frame

Frame: http://4368131.fls.doubleclick.net/activityi;dc_pre=COPs1J_O-eMCFd6ZdwodpAoHbw;src=4368131;type=hzg_ret;cat=hzg_de01;u1=[Oid];u2=[Uid];u3=[Pid];u5=[Gender];u6=[Age];u12=[Product_Price];u16=[Geo%20(City/Country)];u20=[2-digit_ISO_country_Code];ord=3567287080605.2925
Frame ID: AA1952C83AF3FA8382152CF0EEE098D9
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 2AC88F89E5E2F5231B702720982CA553
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://gelsbankfas.gq/ Page URL
http://touchbonus.club/?u=1gnpae3&o=0lpkqzc&t=mw7t2&cid=1n584rade4b1c13d77n29 HTTP 302
http://apps0199.hoolidayz77.live/6086054084/?u=1gnpae3&o=0lpkqzc&t=mw7t2&cid=1n584rade4b1c13d77n29&f=1 Page URL
http://apps0199.hoolidayz77.live/web/ HTTP 302
http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENt3i2sxNhlbZaaLIuCJXujqveAknE%2brPw%2bQaFnp7kwpGOEN4... HTTP 302
http://realcenter-mobileapps2.com/away.php Page URL
https://best.prizedeal512.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=1b9b... Page URL
https://best.prizedeal512.info/?utm_term=6723707036309127289&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://best.prizedeal512.info/proc.php?785f2f6ab392857d286e92417e01d51f41d7836a HTTP 302
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=672370703630912... Page URL
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127... Page URL
https://up.trkgenius.com/out.php?v=ac2b12ce4a5f57f4eca42ee56465d68c HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=W... Page URL
http://ps.popcash.net/ad/ad?p=216668&w=498903&d=6539fbfbca1ca848e9f4-1561026291498903 HTTP 303
http://trafiocut.com/click.php?c=52&key=csvta2rogfea0io930v999zr HTTP 302
http://trafiocut.com/jump/?jl=734925 Page URL
https://a2g-secure.com/?E=EAtBIR%2btYJMTFkcSxBLOzCSIUdNIUxwP&s1= HTTP 302
http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

51
Requests

82 %
HTTPS

43 %
IPv6

25
Domains

29
Subdomains

26
IPs

7
Countries

960 kB
Transfer

1357 kB
Size

5
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: http://s18.herozerogame.com/policy#cookies
Title: Zu unserer Cookie Policy

Search URL Search Domain Scan URL

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: http://speedint1.herozerogame.com/
Title: 15 Tage, 23 Stunden

Search URL Search Domain Scan URL

URL: https://shop.spreadshirt.de/herozero/

Search URL Search Domain Scan URL

URL: http://speedint1.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://de.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://uk.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://fr.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://pl.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://gr.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://es.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://pt.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://tr.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://it.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://ru.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://cz.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://bg.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://lt.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://ro.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://br.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://mx.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://us.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://la.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: http://ap.herozerogame.com/?ref=566-000-000-000&subid=23626_

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HeroZeroGame

Search URL Search Domain Scan URL

URL: https://twitter.com/playherozero

Search URL Search Domain Scan URL

URL: https://app.adjust.io/18uj9s

Search URL Search Domain Scan URL

URL: https://app.adjust.io/gr6lc2

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/app/482920/Hero_Zero/

Search URL Search Domain Scan URL

URL: https://forum.herozerogame.com/
Title: Forum

Search URL Search Domain Scan URL

URL: http://s18.herozerogame.com/imprint
Title: Impressum

Search URL Search Domain Scan URL

URL: http://s18.herozerogame.com/policy
Title: Datenschutz

Search URL Search Domain Scan URL

URL: http://s18.herozerogame.com/tos
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gelsbankfas.gq/ Page URL
http://touchbonus.club/?u=1gnpae3&o=0lpkqzc&t=mw7t2&cid=1n584rade4b1c13d77n29 HTTP 302
http://apps0199.hoolidayz77.live/6086054084/?u=1gnpae3&o=0lpkqzc&t=mw7t2&cid=1n584rade4b1c13d77n29&f=1 Page URL
http://apps0199.hoolidayz77.live/web/ HTTP 302
http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENt3i2sxNhlbZaaLIuCJXujqveAknE%2brPw%2bQaFnp7kwpGOEN42B0NXhDN7FpH510dxIFUeHeZgfR%2bDp3gU%2bnehVBvaUV%2bLKNPud5WPwswosaRpCIi7%2fPvchOK6CgwK5%2bec3pmX2G77wQA7urdDARdxm8Wa1pj0JDrJA7XKNNtOwyqC HTTP 302
http://realcenter-mobileapps2.com/away.php Page URL
https://best.prizedeal512.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=1b9b54f5-8bbd-479b-bd83-82569d22203c Page URL
https://best.prizedeal512.info/?utm_term=6723707036309127289&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d Page URL
https://best.prizedeal512.info/proc.php?785f2f6ab392857d286e92417e01d51f41d7836a HTTP 302
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314 Page URL
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314&m=h9_zMA7AX.X4Xb7M2MMrhn5qXMMWJ9kaJ4DND7t.tB7CJ97twt7E7n7twcMi7NMkwvuCO9wvwoWxf_SWnb7MXiw9XiXFqbO2f7WVboW0f_FWLk_E7AcFDOkx Page URL
https://up.trkgenius.com/out.php?v=ac2b12ce4a5f57f4eca42ee56465d68c HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=b00e8d4977d7b294d069a24d07b8915e&ext1=dvx Page URL
http://ps.popcash.net/ad/ad?p=216668&w=498903&d=6539fbfbca1ca848e9f4-1561026291498903 HTTP 303
http://trafiocut.com/click.php?c=52&key=csvta2rogfea0io930v999zr HTTP 302
http://trafiocut.com/jump/?jl=734925 Page URL
https://a2g-secure.com/?E=EAtBIR%2btYJMTFkcSxBLOzCSIUdNIUxwP&s1= HTTP 302
http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://touchbonus.club/?u=1gnpae3&o=0lpkqzc&t=mw7t2&cid=1n584rade4b1c13d77n29 HTTP 302
http://apps0199.hoolidayz77.live/6086054084/?u=1gnpae3&o=0lpkqzc&t=mw7t2&cid=1n584rade4b1c13d77n29&f=1

Request Chain 4

http://apps0199.hoolidayz77.live/web/ HTTP 302
http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENt3i2sxNhlbZaaLIuCJXujqveAknE%2brPw%2bQaFnp7kwpGOEN42B0NXhDN7FpH510dxIFUeHeZgfR%2bDp3gU%2bnehVBvaUV%2bLKNPud5WPwswosaRpCIi7%2fPvchOK6CgwK5%2bec3pmX2G77wQA7urdDARdxm8Wa1pj0JDrJA7XKNNtOwyqC HTTP 302
http://realcenter-mobileapps2.com/away.php

Request Chain 7

https://best.prizedeal512.info/proc.php?785f2f6ab392857d286e92417e01d51f41d7836a HTTP 302
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314

Request Chain 9

https://up.trkgenius.com/out.php?v=ac2b12ce4a5f57f4eca42ee56465d68c HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=b00e8d4977d7b294d069a24d07b8915e&ext1=dvx

Request Chain 11

http://ps.popcash.net/ad/ad?p=216668&w=498903&d=6539fbfbca1ca848e9f4-1561026291498903 HTTP 303
http://trafiocut.com/click.php?c=52&key=csvta2rogfea0io930v999zr HTTP 302
http://trafiocut.com/jump/?jl=734925

Request Chain 25

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 28

http://www.google-analytics.com/r/collect?v=1&_v=j78&a=198375431&t=pageview&_s=1&dl=http%3A%2F%2Fwww.herozerogame.com%2F%3Flang%3Dde_DE%26ref%3D566-000-000-000%26subid%3D23626_&dr=http%3A%2F%2Ftrafiocut.com%2Fjump%2F%3Fjl%3D734925&ul=en-us&de=UTF-8&dt=Hero%20Zero%20-%20das%20kostenlose%20Browserspiel!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=959580861&gjid=333796930&cid=1678467715.1565485044&tid=UA-26036908-1&_gid=1823954727.1565485044&_r=1&z=2066198864 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j78&a=198375431&t=pageview&_s=1&dl=http%3A%2F%2Fwww.herozerogame.com%2F%3Flang%3Dde_DE%26ref%3D566-000-000-000%26subid%3D23626_&dr=http%3A%2F%2Ftrafiocut.com%2Fjump%2F%3Fjl%3D734925&ul=en-us&de=UTF-8&dt=Hero%20Zero%20-%20das%20kostenlose%20Browserspiel!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=959580861&gjid=333796930&cid=1678467715.1565485044&tid=UA-26036908-1&_gid=1823954727.1565485044&_r=1&z=2066198864 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26036908-1&cid=1678467715.1565485044&jid=959580861&_gid=1823954727.1565485044&gjid=333796930&_v=j78&z=2066198864

Request Chain 36

http://4368131.fls.doubleclick.net/activityi;src=4368131;type=hzg_ret;cat=hzg_de01;u1=[Oid];u2=[Uid];u3=[Pid];u5=[Gender];u6=[Age];u12=[Product_Price];u16=[Geo%20(City/Country)];u20=[2-digit_ISO_country_Code];ord=3567287080605.2925 HTTP 302
http://4368131.fls.doubleclick.net/activityi;dc_pre=COPs1J_O-eMCFd6ZdwodpAoHbw;src=4368131;type=hzg_ret;cat=hzg_de01;u1=[Oid];u2=[Uid];u3=[Pid];u5=[Gender];u6=[Age];u12=[Product_Price];u16=[Geo%20(City/Country)];u20=[2-digit_ISO_country_Code];ord=3567287080605.2925

Request Chain 47

http://connect.facebook.net/de_DE/sdk.js HTTP 307
https://connect.facebook.net/de_DE/sdk.js

51 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
gelsbankfas.gq/ 4 KB
2 KB 205ms
135ms Document
text/html 2606:4700:30::6818:7adc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gelsbankfas.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:7adc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6592f0416e9ea3f6e45e2f8cedd042d385397b77d5f38c858c084db1149cc672

Request headers

:method: GET
:authority: gelsbankfas.gq
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Sun, 11 Aug 2019 00:57:16 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0c78061710ff90ad5da88fface2b9afd1565485036; expires=Mon, 10-Aug-20 00:57:16 GMT; path=/; domain=.gelsbankfas.gq; HttpOnly; Secure
expires: Wed, 21 Aug 2019 00:57:16 GMT
last-modified: Sun, 11 Aug 2019 00:57:16 GMT
cache-control: public, max-age=864000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 504641257f7e2736-FRA
content-encoding: br

GET
H2 200 style.css
gelsbankfas.gq/ 4 KB
1 KB 24ms
22ms Stylesheet
text/css 2606:4700:30::6818:7adc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gelsbankfas.gq/style.css
Requested by: Host: gelsbankfas.gq
URL: https://gelsbankfas.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:7adc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a302e844b1c85a863fecf56321e2e0a44820b42139ee0e7ad2275f5ea5a489a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gelsbankfas.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 11 Aug 2019 00:57:16 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
status: 200
cache-control: public, max-age=2678400
cf-ray: 504641266fe62736-FRA
expires: Wed, 11 Sep 2019 00:57:16 GMT

GET
H2 200 /
manytimes.club/ 219 B
729 B 35ms
35ms Script
application/javascript 2606:4700:30::681b:8f2a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://manytimes.club/?L6cYvp&keyword=&se_referrer=&

Requested by

Host: gelsbankfas.gq
URL: https://gelsbankfas.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:8f2a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gelsbankfas.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2019 00:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 11 Aug 2019 00:57:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
cf-ray: 504641269cb796f2-FRA
expires: 0

GET
H/1.1

200
OK

Cookie set / Show response
apps0199.hoolidayz77.live/6086054084/
Redirect Chain

http://touchbonus.club/?u=1gnpae3&o=0lpkqzc&t=mw7t2&cid=1n584rade4b1c13d77n29
http://apps0199.hoolidayz77.live/6086054084/?u=1gnpae3&o=0lpkqzc&t=mw7t2&cid=1n584rade4b1c13d77n29&f=1

85 B
382 B

166ms
132ms

Document
text/html

79.110.23.98
LLHOST // M247

General

Check archive.org

Show headers Download Go to

Full URL: http://apps0199.hoolidayz77.live/6086054084/?u=1gnpae3&o=0lpkqzc&t=mw7t2&cid=1n584rade4b1c13d77n29&f=1
Requested by: Host: manytimes.club
URL: https://manytimes.club/?L6cYvp&keyword=&se_referrer=&
Protocol: HTTP/1.1
Server: 79.110.23.98 , Romania, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: a7bae1c42dc7bbd0783d5fa483075b3ca30c47f7b83bbd0fa3816407cb6161d6

Request headers

Host: apps0199.hoolidayz77.live
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx/1.12.0
Date: Sun, 11 Aug 2019 00:57:16 GMT
Content-Type: text/html
Content-Length: 85
Connection: keep-alive
Cache-Control: private
Set-Cookie: ASP.NET_SessionId=xozyawpcutqadsnsmwitxru4; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

Redirect headers

Date: Sun, 11 Aug 2019 00:57:16 GMT
Content-Length: 235
Connection: keep-alive
Set-Cookie: __cfduid=d63f656de73be0f85c66b771b937263071565485036; expires=Mon, 10-Aug-20 00:57:16 GMT; path=/; domain=.touchbonus.club; HttpOnly ASP.NET_SessionId=0bzuqvxdyykxpcq0tu54glb1; path=/; HttpOnly
Cache-Control: private
Location: http://apps0199.hoolidayz77.live/6086054084/?u=1gnpae3&o=0lpkqzc&t=mw7t2&cid=1n584rade4b1c13d77n29&f=1
X-Powered-By: ASP.NET
Server: cloudflare
CF-RAY: 50464126d81a97f6-FRA

GET
H/1.1

200
OK

away.php Show response
realcenter-mobileapps2.com/
Redirect Chain

http://apps0199.hoolidayz77.live/web/
http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENt3i2sxNhlbZaaLIuCJXujqveAknE%2brPw%2bQaFnp7kwpGOEN42B0NXhDN7FpH510dxIFUeHeZgfR%2bDp3gU%2bnehVBvaUV%2bLKNPud5WPwswosaRpCIi7%2fPvchOK6CgwK5%...
http://realcenter-mobileapps2.com/away.php

340 B
569 B

14ms
13ms

Document
text/html

185.50.248.98
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: http://realcenter-mobileapps2.com/away.php
Requested by: Host: apps0199.hoolidayz77.live
URL: http://apps0199.hoolidayz77.live/6086054084/?u=1gnpae3&o=0lpkqzc&t=mw7t2&cid=1n584rade4b1c13d77n29&f=1
Protocol: HTTP/1.1
Server: 185.50.248.98 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 99c791ac0aafb9b061b9ef84a8869573cf7951d7c5b4f89c1537958d888eb485

Request headers

Host: realcenter-mobileapps2.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://apps0199.hoolidayz77.live/6086054084/?u=1gnpae3&o=0lpkqzc&t=mw7t2&cid=1n584rade4b1c13d77n29&f=1
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=5sf316d3fpo9c8sgu90pb36c31
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://apps0199.hoolidayz77.live/6086054084/?u=1gnpae3&o=0lpkqzc&t=mw7t2&cid=1n584rade4b1c13d77n29&f=1

Response headers

Server: nginx
Date: Sun, 11 Aug 2019 00:57:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Sun, 11 Aug 2019 00:57:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=5sf316d3fpo9c8sgu90pb36c31; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: /away.php

GET
H2 200 / Show response
best.prizedeal512.info/ 3 KB
2 KB 113ms
113ms Document
text/html 99.198.108.194
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://best.prizedeal512.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=1b9b54f5-8bbd-479b-bd83-82569d22203c

Requested by

Host: realcenter-mobileapps2.com
URL: http://realcenter-mobileapps2.com/away.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.198.108.194 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

e260d184e96e6fef01137c6af8bcb0423a983924ea5e2335ca4723d5a58d8c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: best.prizedeal512.info
:scheme: https
:path: /?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=1b9b54f5-8bbd-479b-bd83-82569d22203c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate

Response headers

status: 200
server: nginx
date: Sun, 11 Aug 2019 00:57:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=3d0a2433aa81eb3f3504e4e0172e96c0; expires=Mon, 10-Aug-2020 00:57:17 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2 200 / Show response
best.prizedeal512.info/ 7 KB
3 KB 126ms
125ms Document
text/html 99.198.108.194
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://best.prizedeal512.info/?utm_term=6723707036309127289&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d

Requested by

Host: best.prizedeal512.info
URL: https://best.prizedeal512.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=1b9b54f5-8bbd-479b-bd83-82569d22203c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.198.108.194 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

56b56dae4ce1b2a16383622861b02aa2105c0b9447840e089e70849f3da9302a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: best.prizedeal512.info
:scheme: https
:path: /?utm_term=6723707036309127289&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://best.prizedeal512.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=1b9b54f5-8bbd-479b-bd83-82569d22203c
accept-encoding: gzip, deflate, br
cookie: u=3d0a2433aa81eb3f3504e4e0172e96c0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://best.prizedeal512.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=1b9b54f5-8bbd-479b-bd83-82569d22203c

Response headers

status: 200
server: nginx
date: Sun, 11 Aug 2019 00:57:17 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

in.html Show response
up.trkgenius.com/
Redirect Chain

https://best.prizedeal512.info/proc.php?785f2f6ab392857d286e92417e01d51f41d7836a
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314

6 KB
3 KB

50ms
15ms

Document
text/html

107.6.174.196
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314

Requested by

Host: best.prizedeal512.info
URL: https://best.prizedeal512.info/?utm_term=6723707036309127289&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

bigfish.setupcentral.network

Software

nginx/1.17.0 /

Resource Hash

7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: up.trkgenius.com
:scheme: https
:path: /in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://best.prizedeal512.info/?utm_term=6723707036309127289&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://best.prizedeal512.info/?utm_term=6723707036309127289&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d

Response headers

status: 200
server: nginx/1.17.0
date: Sun, 11 Aug 2019 00:57:17 GMT
content-type: text/html
last-modified: Sun, 27 Jan 2019 05:38:08 GMT
etag: W/"5c4d43c0-1605"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Sun, 11 Aug 2019 00:57:17 GMT
content-type: text/html; charset=UTF-8
location: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2 200 in.php Show response
up.trkgenius.com/ 1 KB
983 B 25ms
25ms Document
text/html 107.6.174.196
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314&m=h9_zMA7AX.X4Xb7M2MMrhn5qXMMWJ9kaJ4DND7t.tB7CJ97twt7E7n7twcMi7NMkwvuCO9wvwoWxf_SWnb7MXiw9XiXFqbO2f7WVboW0f_FWLk_E7AcFDOkx

Requested by

Host: up.trkgenius.com
URL: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

bigfish.setupcentral.network

Software

nginx/1.17.0 /

Resource Hash

d9a5e775a611472bceefe5376f66ef28131b9a5f6604dda7717055517e8ebb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: up.trkgenius.com
:scheme: https
:path: /in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314&m=h9_zMA7AX.X4Xb7M2MMrhn5qXMMWJ9kaJ4DND7t.tB7CJ97twt7E7n7twcMi7NMkwvuCO9wvwoWxf_SWnb7MXiw9XiXFqbO2f7WVboW0f_FWLk_E7AcFDOkx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314

Response headers

status: 200
server: nginx/1.17.0
date: Sun, 11 Aug 2019 00:57:17 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
refresh: 0; url=out.php?v=ac2b12ce4a5f57f4eca42ee56465d68c
set-cookie: t=65aa34d9db53f2ff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2

200

-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ Show response
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

https://up.trkgenius.com/out.php?v=ac2b12ce4a5f57f4eca42ee56465d68c
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=b00e8d4977d7b294d069a24d07b8915e&ext1=dvx

5 KB
3 KB

43ms
43ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=b00e8d4977d7b294d069a24d07b8915e&ext1=dvx

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

5d3528c21d8e3f99a35e6f76feb96d7644153acbb5f92a42dc81de1dae8fe69e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=b00e8d4977d7b294d069a24d07b8915e&ext1=dvx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314&m=h9_zMA7AX.X4Xb7M2MMrhn5qXMMWJ9kaJ4DND7t.tB7CJ97twt7E7n7twcMi7NMkwvuCO9wvwoWxf_SWnb7MXiw9XiXFqbO2f7WVboW0f_FWLk_E7AcFDOkx
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6723707036309127289&pubid=1314&m=h9_zMA7AX.X4Xb7M2MMrhn5qXMMWJ9kaJ4DND7t.tB7CJ97twt7E7n7twcMi7NMkwvuCO9wvwoWxf_SWnb7MXiw9XiXFqbO2f7WVboW0f_FWLk_E7AcFDOkx

Response headers

status: 200
content-type: text/html;charset=utf-8
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
date: Sun, 11 Aug 2019 00:57:17 GMT
content-encoding: gzip
set-cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=75149a32d6388d76eee66d7b36565749_1565485037.6362; domain=minently.com; path=/; expires=Wed, 08-Aug-2029 00:57:17 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1565485037.6386; domain=minently.com; path=/; expires=Wed, 08-Aug-2029 00:57:17 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3VlpHQ3dvUGJlQ3RHQTJMdXBRcWRzeWlSOUtkN0dsZ2RidjRqOENBUkZLQQ%3D%3D; domain=minently.com; path=/; expires=Wed, 08-Aug-2029 00:57:17 UTC; Secure 75149a32d6388d76eee66d7b36565749_1565485037.6362_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bnZEc0kzbHpMem9zQnQxUTE4UkJTc3pwSFlKY3BWM212TCt6Rldsb0p6U2NHNGJ1SFJUUzRSN1VkWlhETFVwT3NMYW5tLzQ3L1h5eW5TWjdyS1ZRYmxoeXBSbnY4cWF3OStIaXN4WTV5Nlp0VzIvajc2elo1eXZrNjhNdk1FS1l6cGpnV2I0NVdwMjZCNnI2cTlOWDlVdk5FZm4wWjAySDcvd3JSQklxUVczR3JjQmRNQUpHbmFoWG5xYnBORlVPSUMvdVlrWnJoa2tFM2VBVkpqNVV3UEZyZitEVGVEcG1NRW9VTmUya2dITTRlaXVUemQxanJLMjhPNGw2N2Y2OFFMNXh5NFhMSDlaUXhIUEw1THp3UzdkVUJCSjlYZlFLUDVxMVQzcjYxcXFDaXZaVHpvbXdOVXQ0UkI0L3YrZWVpbHRpMjJUNi9MMHZRT291amhSZm5DdFNBY2twWHhRb3JYby9RNFEvdlVrNXZQN3N4LzY4TU5jOVF5VTRoYWg1YURObjd5OE1jb0FJM3FPV09uZXpuN2VQZC9jaWtFcVJ4dFVqWW5oZXhyd2d2aUlYaWZxTGZkZ3NGQm5zVkxKMVdZVk9iOG5uNTIrV2kwcDdoTS9EWmhOK1pkNFVlRUNmVzVBbjZzVTJwY1lqekZYUlFMUXVBKzJESXcrOGNLdXE2alBTL1ZRVm5OWXVTV2lwU1daZldvNXdxYUlkR21qNFpSR3l3Uk9TWlJNby9ibmNMSjZOV2RKSVlHcXVEcU1MRm90Y2c3bzgxSzdQL1o3dnh3MGJIRkxuc2JGbnkxZE9jRTk2TVBmbk9LTVVDUU9GMjlibnk3aWJhNUNvOTViZThWWG1PZEZXWVMyRFFCbXFpVDJ0WG1Ub3A0bGRxZWE4QktiZjl4YXBJNkFjMXd4a3J0bFZnTDNZaVpPTHd1K3NxYVdmM01UcENjSFpkTS9oODNOamk5VW41ZFhaOTc2KzFkbmxxNTNOalhLYUdSZG5jUlpMUkw0KzJxMitkKzI0Z3AxbUNQaFdXOFBKdWZFa0VTdFdsTlVvUkgyUVVWRXZXdldDL0U0NkZpSFAwZ3FmNXJFbGxLUzJrZjNJNVRxbWplL3cyQmFOditaYndRNjdScUJBZG9jRWYvK3c3NFExZ28zbjJ6b055aE00UDlmSUU1dXRodzlYS0V6VVltbE9KbWxWWVc5NnNXQU1IRUhQMHZCc1FOSS8vbTFPcGVuQk5oTEpaYmZibER2; domain=minently.com; path=/; expires=Wed, 08-Aug-2029 00:57:17 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=SEV4S1dxc0Z2UVUrVll0d3BRYVh6SGJrZjhveGM4L245eDFMbklPSklRai81NU9UMVNaV3pFaXdTeHl1d1hnS3pxbzhONjcyK01UaENPNENsaVZIdTFUSk0vMk5aUTlLcWltN3B0dHpqR3c9; domain=minently.com; path=/; expires=Sun, 11-Aug-2019 02:02:17 UTC; Secure SERVERID=sfc6; path=/
server: ZENEDGE
strict-transport-security: max-age=31536000; includeSubDomains;
x-zen-fury: 57edbcaaf5d179dbaec4d79e12c8a7e5d4a1a3e5
expires: Sat, 26 Jul 1997 05:00:00 GMT
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx/1.17.0
date: Sun, 11 Aug 2019 00:57:17 GMT
content-type: text/html; charset=UTF-8
location: https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=b00e8d4977d7b294d069a24d07b8915e&ext1=dvx
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
strict-transport-security: max-age=31536000; includeSubDomains

GET ad
ps.popcash.net/ad/ 0
0

GET
H/1.1

200
OK

Cookie set / Show response
trafiocut.com/jump/
Redirect Chain

http://ps.popcash.net/ad/ad?p=216668&w=498903&d=6539fbfbca1ca848e9f4-1561026291498903
http://trafiocut.com/click.php?c=52&key=csvta2rogfea0io930v999zr
http://trafiocut.com/jump/?jl=734925

344 B
644 B

313ms
158ms

Document
text/html

45.32.92.194
Choopa

General

Check archive.org

Show headers Download Go to

Full URL: http://trafiocut.com/jump/?jl=734925
Requested by: Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=b00e8d4977d7b294d069a24d07b8915e&ext1=dvx
Protocol: HTTP/1.1
Server: 45.32.92.194 Los Angeles, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS: 45.32.92.194.vultr.com
Software: Apache / PHP/5.6.30
Resource Hash: 486c44829bf00d422f0deeaf855f94ee034861da9f7bdd66a19a9cb876b5b694

Request headers

Host: trafiocut.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://minently.com/
Accept-Encoding: gzip, deflate
Cookie: offerLink=pQDfiPhPaPpdieTzxtJ0HQ%3D%3DgiNJ9YsZ6x629fju39YH%2FaPqLgJrL6IpYV%2BrQ59Aa3FV06qOnk6P3NzItjfn0QSG6E0jrmxI%2BMDWQnDbswBXZmxynXbPjgINzgscqvJpYdc%3D; IMT1565485040550=2oyovHX%2B8comsnUJDX1VRg%3D%3DjmmbqPF6yaCImIL6UGRA3S253ODzbCx%2Fpr69vT1U9oA%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minently.com/

Response headers

Date: Sun, 11 Aug 2019 00:57:20 GMT
Server: Apache
X-Powered-By: PHP/5.6.30
P3P: CP="This site does not have a p3p policy."
Set-Cookie: offerLink=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=trafiocut.com
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 237
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 11 Aug 2019 00:57:20 GMT
Server: Apache
X-Powered-By: PHP/5.6.30
Set-Cookie: offerLink=pQDfiPhPaPpdieTzxtJ0HQ%3D%3DgiNJ9YsZ6x629fju39YH%2FaPqLgJrL6IpYV%2BrQ59Aa3FV06qOnk6P3NzItjfn0QSG6E0jrmxI%2BMDWQnDbswBXZmxynXbPjgINzgscqvJpYdc%3D; expires=Sun, 11-Aug-2019 01:57:20 GMT; Max-Age=3600; path=/; domain=trafiocut.com IMT1565485040550=2oyovHX%2B8comsnUJDX1VRg%3D%3DjmmbqPF6yaCImIL6UGRA3S253ODzbCx%2Fpr69vT1U9oA%3D; expires=Mon, 12-Aug-2019 06:57:20 GMT; Max-Age=108000; path=/; domain=trafiocut.com
Upgrade: h2
Connection: Upgrade, close
Location: http://trafiocut.com/jump/?jl=734925
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.herozerogame.com/
Redirect Chain

https://a2g-secure.com/?E=EAtBIR%2btYJMTFkcSxBLOzCSIUdNIUxwP&s1=
http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_

33 KB
10 KB

1095ms
38ms

Document
text/html

52.51.183.202
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Requested by: Host: trafiocut.com
URL: http://trafiocut.com/jump/?jl=734925
Protocol: HTTP/1.1
Server: 52.51.183.202 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-51-183-202.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 / PHP/7.1.27
Resource Hash: 66a24a9b4fa5e114fec60f60ce65b0f116d07c8df51ce642addb6e4d2e12e256

Request headers

Host: www.herozerogame.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://trafiocut.com/jump/?jl=734925
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://trafiocut.com/jump/?jl=734925

Response headers

Date: Sun, 11 Aug 2019 00:57:23 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.14.1
X-Powered-By: PHP/7.1.27
Set-Cookie: lang=de_DE; expires=Mon, 10-Aug-2020 00:57:23 GMT; Max-Age=31536000; path=/; domain=.herozerogame.com
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Length: 197
Content-Type: text/html; charset=utf-8
Date: Sun, 11 Aug 2019 00:57:21 GMT
Location: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=aqvR+yozwBMyfPhQCXlVUzRVKVVJqn6l66zZapWz0CnOdGmqWVvdQw==; domain=.a2g-secure.com; path=/; HttpOnly trk=rkJOUWXHNax6l4MIQKFMKTRVKVVJqn6l66zZapWz0CnOdGmqWVvdQw==; domain=.a2g-secure.com; expires=Sun, 11-Aug-2024 02:57:22 GMT; path=/; HttpOnly c15805=aqvR+yozwBNyj+snHqpRhNeWmybSwRgCTKLqN8Yeiz+sT6KTh4g5Lw==; domain=.a2g-secure.com; expires=Tue, 10-Sep-2019 00:57:22 GMT; path=/; HttpOnly
Connection: close

GET
H/1.1 200
OK bootstrap-1.1.0.min.css
hz-static-landing.akamaized.net/css/ 34 KB
7 KB 79ms
14ms Stylesheet
text/css 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://hz-static-landing.akamaized.net/css/bootstrap-1.1.0.min.css
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: aadc0d0bd051b5add1853d1d2cc341f8cfa8ca8ea6643a05347b8adf06cfe7fa

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jul 2019 06:24:58 GMT
Server: nginx/1.14.1
ETag: "5d36a83a-88b0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6388

GET
H/1.1 200
OK main.css
hz-static-landing.akamaized.net/css/compressed/ 6 KB
2 KB 85ms
21ms Stylesheet
text/css 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://hz-static-landing.akamaized.net/css/compressed/main.css
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: cd35e31bb9037ef2ff296781a211571499e69b94d0352d10b70d326e0f500d80

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jul 2019 06:24:56 GMT
Server: nginx/1.14.1
ETag: "5d36a838-1600"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1512

GET
H/1.1 200
OK main_newCharacter_ws.css
hz-static-landing.akamaized.net/css/ 1 KB
863 B 77ms
13ms Stylesheet
text/css 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://hz-static-landing.akamaized.net/css/main_newCharacter_ws.css
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 259039cfb4f6e37698581048b9fb8e249ebcb9ce79a6f2132f31fef6ee25515a

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jul 2019 06:24:58 GMT
Server: nginx/1.14.1
ETag: "5d36a83a-4b4"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 512

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
hz-static-landing.akamaized.net/js/ 85 KB
30 KB 79ms
15ms Script
application/javascript 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://hz-static-landing.akamaized.net/js/jquery-3.3.1.min.js
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jul 2019 06:24:56 GMT
Server: nginx/1.14.1
ETag: "5d36a838-1538f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30351

GET
H/1.1 200
OK tracking.js Show response
hz-static-landing.akamaized.net/js/ 422 B
740 B 76ms
12ms Script
application/javascript 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://hz-static-landing.akamaized.net/js/tracking.js?3a1824dad2da6ba85099985d0f479c20
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 6cbc72aa5563ff6f15ac7d574cc609bce28e98632e9cbb5c0015c26deccf7223

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:23 GMT
Last-Modified: Tue, 23 Jul 2019 06:24:56 GMT
Server: nginx/1.14.1
ETag: "5d36a838-1a6"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 422

GET
H/1.1 200
OK cookieconsent.latest.min.js Show response
hz-static-2.akamaized.net/js/ 4 KB
2 KB 532ms
7ms Script
application/javascript 2.16.106.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://hz-static-2.akamaized.net/js/cookieconsent.latest.min.js
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.106.162 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-106-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a56e776bca3d2a00c0cee97f9b3a04106d208fae509969c40387515301028aaa

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
x-amz-request-id: E3059A4C8E93B6F5
Connection: keep-alive
Content-Length: 1920
x-amz-id-2: Afp0TbAtlkDbyKVgY3aPP6zv3XhcE6pyHwxLBIUnfN6BSHMrk+TJXDOFhnBDs4PZ+JEiqGNui1k=
Last-Modified: Wed, 18 Jan 2017 12:50:09 GMT
Server: AmazonS3
ETag: "9733546c9a0004b2824b36f08eec0321"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK jquery.countdown.js Show response
hz-static-2.akamaized.net/js/preregistration/ 30 KB
9 KB 542ms
8ms Script
application/javascript 2.16.106.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://hz-static-2.akamaized.net/js/preregistration/jquery.countdown.js?76239148ae8adaef2bc504a730cd3434
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.106.162 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-106-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d5a2dcbb53e0b4fa2d084663db6832b514af5bb5100dff6d6a8d0b24efd27752

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
x-amz-request-id: 951040B2E4D7F575
Connection: keep-alive
Content-Length: 8349
x-amz-id-2: YkEoFTEu7uNCyRQ7cl+Q6nndNvZkCx6RbtD1BhWLOrHP7PVhOSNOWPv0lsudkCCIkGgpX0SoX3g=
Last-Modified: Wed, 18 Jan 2017 13:18:56 GMT
Server: AmazonS3
ETag: "76239148ae8adaef2bc504a730cd3434"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK jquery.countdown-de.js Show response
hz-static-2.akamaized.net/js/preregistration/ 516 B
1 KB 551ms
7ms Script
application/javascript 2.16.106.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://hz-static-2.akamaized.net/js/preregistration/jquery.countdown-de.js?f6b0512071a244d4c8c29da8eccf96d0
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.106.162 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-106-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 54e4d65499750e9672c18483a83800a63e92cdafa35f0bd2d5d366588f29c1ae

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Last-Modified: Wed, 18 Jan 2017 13:18:53 GMT
Server: AmazonS3
x-amz-request-id: 62BD898413629540
ETag: "f6b0512071a244d4c8c29da8eccf96d0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 516
x-amz-id-2: mIfizsznPJBX4Pk+womz9wwFbHjro37J3Onx2QkbCtH6MsQfTfLIZMq2aEFyyio4Za4eWk1+Sfk=

GET
H/1.1 200
OK button_speedserver.png
hz-static-landing.akamaized.net/images/ 29 KB
29 KB 82ms
19ms Image
image/png 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hz-static-landing.akamaized.net/images/button_speedserver.png
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 0af712da14e2a6406a2c01801d4cdca5ed948b606f87b62b30bb001570fa10f9

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:23 GMT
Last-Modified: Sun, 28 Jul 2019 23:01:43 GMT
Server: nginx/1.14.1
ETag: "5d3e2957-7282"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29314

GET
H/1.1 200
OK top-label-button2.png
hz-static-landing.akamaized.net/de_DE/images/ 2 KB
2 KB 18ms
14ms Image
image/png 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hz-static-landing.akamaized.net/de_DE/images/top-label-button2.png
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 6cbf690193f35b511ffd587ecb3c354e1cf5c82a4bab624eb43d3efc26102fe3

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:23 GMT
Last-Modified: Tue, 23 Jul 2019 06:24:57 GMT
Server: nginx/1.14.1
ETag: "5d36a839-65b"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1627

GET
H/1.1 200
OK app_logo.png
hz-static-landing.akamaized.net//images/ 21 KB
21 KB 15ms
15ms Image
image/png 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hz-static-landing.akamaized.net//images/app_logo.png
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 689797dae122c420e9f4d5d9e3dc40d2cd78bde12a4acd86b850bbe90cfbf4a2

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:23 GMT
Last-Modified: Tue, 23 Jul 2019 06:24:56 GMT
Server: nginx/1.14.1
ETag: "5d36a838-5461"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21601

GET
H2 200 landing.js Show response
fstrk.net/api/tracker/f457c545a9ded88f18ecee47145a72c0/ 38 KB
11 KB 38ms
7ms Script
application/javascript 2600:9000:200c:600:11:647d:8600:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://fstrk.net/api/tracker/f457c545a9ded88f18ecee47145a72c0/landing.js
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:600:11:647d:8600:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6980b407abe04e3ab6115aad7d4f25bb5581d2b182e9353aa38f06dc7433a42

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 22 Jul 2019 08:32:46 GMT
content-encoding: gzip
last-modified: Wed, 17 Jul 2019 15:29:44 GMT
server: AmazonS3
age: 2436
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2
x-amz-meta-cache-control: 315360000
x-amz-cf-id: S7p4Jdjxp7V2fATDlrW5fOPU6kbEGEBgNUA_mVCgLj8XPgjRTzod9Q==
via: 1.1 7af5638099b4c0c5cbf2f9c79d5100fd.cloudfront.net (CloudFront)

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 24 KB
10 KB 23ms
15ms Script
text/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_

Protocol

HTTP/1.1

Security

, ,

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

4ca885a3ff5e886a2c591a4f2c7ccc0e23f70a44b59a307f113ab76c006a31fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 11 Aug 2019 00:57:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 4919431266759004636
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 9366
X-XSS-Protection: 0
Expires: Sun, 11 Aug 2019 00:57:23 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

5ms
5ms

Script
text/javascript

2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Jul 2019 21:35:27 GMT
server: Golfe2
age: 615
date: Sun, 11 Aug 2019 00:47:08 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17724
expires: Sun, 11 Aug 2019 02:47:08 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 59 KB
22 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MNBGFSL

Requested by

Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8751a0a89dfa6c1298eaa0adf782443a6662bd85eff5e41d610af9f0b59a0e7a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 11 Aug 2019 00:57:23 GMT
content-encoding: br
last-modified: Sun, 11 Aug 2019 00:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 22053
x-xss-protection: 0
expires: Sun, 11 Aug 2019 00:57:23 GMT

GET
H/1.1 200
OK bacon.min.js Show response
d2vig74li2resi.cloudfront.net/rum/ 12 KB
4 KB 1077ms
7ms Script
application/x-javascript 54.230.95.111
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2vig74li2resi.cloudfront.net/rum/bacon.min.js
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: , ,
Server: 54.230.95.111 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1172c21ebf8dedc79b6a879f52cf17137e4f04ef71a324cb2ae00ca01ae3c0ed

Request headers

Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
ETag: "091aff83cf242e1507290cf6dc2dab6a"
Age: 16085
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3659
Last-Modified: Tue, 17 Jan 2017 11:05:13 GMT
Server: AmazonS3
Date: Sat, 10 Aug 2019 20:29:20 GMT
Content-Type: application/x-javascript
Via: 1.1 f9448dbaac49aad821506cba2852f911.cloudfront.net (CloudFront)
Cache-Control: max-age=21600
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
X-Amz-Cf-Id: beaqFuDvXv91jVh3HLXrgEEqRtjENovXp7EtXjxExMLaFErcU2MEsA==

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j78&a=198375431&t=pageview&_s=1&dl=http%3A%2F%2Fwww.herozerogame.com%2F%3Flang%3Dde_DE%26ref%3D566-000-000-000%26subid%3D23626_&dr=http%3A%2F%2Ftraf...
https://www.google-analytics.com/r/collect?v=1&_v=j78&a=198375431&t=pageview&_s=1&dl=http%3A%2F%2Fwww.herozerogame.com%2F%3Flang%3Dde_DE%26ref%3D566-000-000-000%26subid%3D23626_&dr=http%3A%2F%2Ftra...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26036908-1&cid=1678467715.1565485044&jid=959580861&_gid=1823954727.1565485044&gjid=333796930&_v=j78&z=2066198864

35 B
102 B

16ms
14ms

Image
image/gif

2a00:1450:400c:c06::9b
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26036908-1&cid=1678467715.1565485044&jid=959580861&_gid=1823954727.1565485044&gjid=333796930&_v=j78&z=2066198864

Requested by

Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 11 Aug 2019 00:57:23 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Aug 2019 00:57:23 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26036908-1&cid=1678467715.1565485044&jid=959580861&_gid=1823954727.1565485044&gjid=333796930&_v=j78&z=2066198864
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 206
Partial Content lp_background_test.mp4
hz-static-landing.akamaized.net//images/ 498 KB
498 KB 22ms
21ms Media
video/mp4 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://hz-static-landing.akamaized.net//images/lp_background_test.mp4
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 1f801537a1403148a2c66c27026b810e60e6724f06849f0bfdbc064919ad7d36

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Last-Modified: Tue, 23 Jul 2019 06:24:56 GMT
Server: nginx/1.14.1
Access-Control-Allow-Origin: *
ETag: "5d36a838-7c845"
Access-Control-Allow-Methods: GET
Content-Type: video/mp4
Content-Range: bytes 0-510020/510021
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 510021

GET
H/1.1 200
OK mega-store-button.png
hz-static-landing.akamaized.net/images/ 54 KB
54 KB 17ms
15ms Image
image/png 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hz-static-landing.akamaized.net/images/mega-store-button.png
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 24d2fc7e6d6ca5c2684ed3e66a2da4bf82950819275788f3f834dd6cea04e8c0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://hz-static-landing.akamaized.net/css/main_newCharacter_ws.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Last-Modified: Tue, 23 Jul 2019 06:24:56 GMT
Server: nginx/1.14.1
ETag: "5d36a838-d608"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54792

GET
H/1.1 200
OK en_WO.png
hz-static-landing.akamaized.net/images/flags/ 1 KB
2 KB 12ms
10ms Image
image/png 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hz-static-landing.akamaized.net/images/flags/en_WO.png
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 425921b3e68d7ce352f590e9ec48a3b2c8a71b4b62dc3646b70b77c80a51f34b

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/de_DE/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Last-Modified: Mon, 29 Jul 2019 06:04:15 GMT
Server: nginx/1.14.1
ETag: "5d3e8c5f-574"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1396

GET
H/1.1 200
OK flags.png
hz-static-landing.akamaized.net/images/flags/ 5 KB
5 KB 17ms
15ms Image
image/png 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hz-static-landing.akamaized.net/images/flags/flags.png
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 9dd25ec0d22098a26df378577194c915a2a3ac026fbf65aa35c196695bd79343

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/de_DE/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Last-Modified: Tue, 23 Jul 2019 06:24:56 GMT
Server: nginx/1.14.1
ETag: "5d36a838-1437"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5175

GET
H/1.1 200
OK GROBOLD.ttf
hz-static-landing.akamaized.net/css/ 108 KB
108 KB 39ms
23ms Font
application/octet-stream 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://hz-static-landing.akamaized.net/css/GROBOLD.ttf
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 4d72af4abe48b4be146577824f86aee8364d6be7898f6a57b855bbae036e6db4

Request headers

Sec-Fetch-Mode: cors
Referer: http://www.herozerogame.com/de_DE/
Origin: http://www.herozerogame.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Last-Modified: Tue, 23 Jul 2019 06:24:58 GMT
Server: nginx/1.14.1
ETag: "5d36a83a-1ae74"
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110196

GET
H/1.1

200
OK

Cookie set Country)];u20=[2-digit_ISO_country_Code];ord=3567287080605.2925
4368131.fls.doubleclick.net/activityi;dc_pre=COPs1J_O-eMCFd6ZdwodpAoHbw;src=4368131;type=hzg_ret;cat=hzg_de01;u1=[Oid];u2=[Uid];u3=[Pid];u5=[Gender];u6=[Age];u12=[Product_Price];u16=[Geo%20(City/ Frame AA19
Redirect Chain

http://4368131.fls.doubleclick.net/activityi;src=4368131;type=hzg_ret;cat=hzg_de01;u1=[Oid];u2=[Uid];u3=[Pid];u5=[Gender];u6=[Age];u12=[Product_Price];u16=[Geo%20(City/Country)];u20=[2-digit_ISO_co...
http://4368131.fls.doubleclick.net/activityi;dc_pre=COPs1J_O-eMCFd6ZdwodpAoHbw;src=4368131;type=hzg_ret;cat=hzg_de01;u1=[Oid];u2=[Uid];u3=[Pid];u5=[Gender];u6=[Age];u12=[Product_Price];u16=[Geo%20(...

0
0

23ms
23ms

Document
text/html

172.217.22.38
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://4368131.fls.doubleclick.net/activityi;dc_pre=COPs1J_O-eMCFd6ZdwodpAoHbw;src=4368131;type=hzg_ret;cat=hzg_de01;u1=[Oid];u2=[Uid];u3=[Pid];u5=[Gender];u6=[Age];u12=[Product_Price];u16=[Geo%20(City/Country)];u20=[2-digit_ISO_country_Code];ord=3567287080605.2925?

Requested by

Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_

Protocol

HTTP/1.1

Server

172.217.22.38 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: 4368131.fls.doubleclick.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Accept-Encoding: gzip, deflate
Cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_

Response headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Sun, 11 Aug 2019 00:57:24 GMT
Expires: Sun, 11 Aug 2019 00:57:24 GMT
Cache-Control: private, max-age=0
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 516
X-XSS-Protection: 0
Set-Cookie: IDE=AHWqTUm2ZpYtXfUEcevHfIpcEE1FtQ5cV6A6YOc7_XWQrPlgNMaJhWHChzcl4SI3; expires=Fri, 04-Sep-2020 00:57:24 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT

Redirect headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Sun, 11 Aug 2019 00:57:24 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Follow-Only-When-Prerender-Shown: 1
Strict-Transport-Security: max-age=21600
Location: http://4368131.fls.doubleclick.net/activityi;dc_pre=COPs1J_O-eMCFd6ZdwodpAoHbw;src=4368131;type=hzg_ret;cat=hzg_de01;u1=[Oid];u2=[Uid];u3=[Pid];u5=[Gender];u6=[Age];u12=[Product_Price];u16=[Geo%20(City/Country)];u20=[2-digit_ISO_country_Code];ord=3567287080605.2925?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
Set-Cookie: test_cookie=CheckForPermission; expires=Sun, 11-Aug-2019 01:12:24 GMT; path=/; domain=.doubleclick.net

GET
H/1.1 200
OK button_gender_m.png
hz-static-landing.akamaized.net/images/ 4 KB
4 KB 11ms
8ms Image
image/png 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hz-static-landing.akamaized.net/images/button_gender_m.png
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 07a6e2318271f33428ba334e0b4121fef50d3468b9dda08d1320b3643b933fbe

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/de_DE/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Last-Modified: Tue, 23 Jul 2019 06:24:57 GMT
Server: nginx/1.14.1
ETag: "5d36a839-e11"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3601

GET
H/1.1 200
OK button_gender_f.png
hz-static-landing.akamaized.net/images/ 3 KB
4 KB 19ms
15ms Image
image/png 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hz-static-landing.akamaized.net/images/button_gender_f.png
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 8451cb1a99e1af91fcd8f4610c299665369d3a439ba97289046b34561ff4eca1

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/de_DE/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Last-Modified: Tue, 23 Jul 2019 06:24:57 GMT
Server: nginx/1.14.1
ETag: "5d36a839-d43"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3395

GET
H/1.1 200
OK startbutton-off_new.png
hz-static-landing.akamaized.net/de_DE/images/ 15 KB
16 KB 10ms
7ms Image
image/png 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hz-static-landing.akamaized.net/de_DE/images/startbutton-off_new.png
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: fb602a079133d8e8e95b8b72a2bf751b5a49f74a5184730fdc757e0deedb1a6f

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/de_DE/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Last-Modified: Tue, 23 Jul 2019 06:24:57 GMT
Server: nginx/1.14.1
ETag: "5d36a839-3de3"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15843

GET
H/1.1 200
OK appstore-download.png
hz-static-landing.akamaized.net/images/ 3 KB
4 KB 15ms
13ms Image
image/png 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hz-static-landing.akamaized.net/images/appstore-download.png
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 824298a62620ef62618b42f3cc09c059685defbd9a7a658bf7e910ffad4f8d06

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://hz-static-landing.akamaized.net/css/compressed/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Last-Modified: Tue, 23 Jul 2019 06:24:57 GMT
Server: nginx/1.14.1
ETag: "5d36a839-d22"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3362

GET
H/1.1 200
OK playstore-download.png
hz-static-landing.akamaized.net/images/ 3 KB
3 KB 16ms
14ms Image
image/png 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hz-static-landing.akamaized.net/images/playstore-download.png
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 050707289bba73cae1f311587c40636e0e6b4b80c190737901b9481a180c24c2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://hz-static-landing.akamaized.net/css/compressed/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Last-Modified: Tue, 23 Jul 2019 06:24:57 GMT
Server: nginx/1.14.1
ETag: "5d36a839-b6d"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2925

GET
H/1.1 200
OK steam-download.png
hz-static-landing.akamaized.net/images/ 3 KB
3 KB 7ms
6ms Image
image/png 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hz-static-landing.akamaized.net/images/steam-download.png
Requested by: Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 8e4dc81d37d949d09fb43d8549a0afa03d8e3ecddb51f0a20d4fbb953025abac

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://hz-static-landing.akamaized.net/css/compressed/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:24 GMT
Last-Modified: Tue, 23 Jul 2019 06:24:57 GMT
Server: nginx/1.14.1
ETag: "5d36a839-c12"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3090

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/969713847/ 2 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/969713847/?random=1565485044171&cv=9&fst=1565485044171&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fwww.herozerogame.com%2F%3Flang%3Dde_DE%26ref%3D566-000-000-000%26subid%3D23626_&ref=http%3A%2F%2Ftrafiocut.com%2Fjump%2F%3Fjl%3D734925&tiba=Hero%20Zero%20-%20das%20kostenlose%20Browserspiel!&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

cd3c4581cfccf3de68c0eff6022a1f380cd44ae42189100c6b85bd1d32e1c9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2019 00:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 1012
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track Show response
click.fstrk.net/f457c545a9ded88f18ecee47145a72c0/ 0
0 819ms
30ms Script
text/plain 35.190.210.193
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://click.fstrk.net/f457c545a9ded88f18ecee47145a72c0/track?http_click_referer=http%3A%2F%2Ftrafiocut.com%2Fjump%2F%3Fjl%3D734925&fingerprint=714c7dd6bf2260d2cd19fd3b744726b8&fs_aff_source=23626_&fs_p_id=566-000-000-000&fs_product_id=HeroZero%20DE&callback=jsonp1565485155458
Requested by: Host: fstrk.net
URL: https://fstrk.net/api/tracker/f457c545a9ded88f18ecee47145a72c0/landing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.190.210.193 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 193.210.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 /
www.google.com/pagead/1p-user-list/969713847/ 42 B
112 B 22ms
21ms Image
image/gif 2a00:1450:4001:806::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/969713847/?random=1565485044171&cv=9&fst=1565481600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fwww.herozerogame.com%2F%3Flang%3Dde_DE%26ref%3D566-000-000-000%26subid%3D23626_&ref=http%3A%2F%2Ftrafiocut.com%2Fjump%2F%3Fjl%3D734925&tiba=Hero%20Zero%20-%20das%20kostenlose%20Browserspiel!&fmt=3&cdct=2&is_vtc=1&random=1042459761&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2019 00:57:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/969713847/ 42 B
110 B 19ms
19ms Image
image/gif 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/969713847/?random=1565485044171&cv=9&fst=1565481600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fwww.herozerogame.com%2F%3Flang%3Dde_DE%26ref%3D566-000-000-000%26subid%3D23626_&ref=http%3A%2F%2Ftrafiocut.com%2Fjump%2F%3Fjl%3D734925&tiba=Hero%20Zero%20-%20das%20kostenlose%20Browserspiel!&fmt=3&cdct=2&is_vtc=1&random=1042459761&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.herozerogame.com
URL: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2019 00:57:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/de_DE/
Redirect Chain

http://connect.facebook.net/de_DE/sdk.js
https://connect.facebook.net/de_DE/sdk.js

3 KB
2 KB

22ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

6c6d866f4234c86a22a3bc024f79115b6a0a3b880a388e4686b6976729aec48f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: oMfupqog8TX2Wf5J6BA51Q==
status: 200
content-length: 1780
etag: "0ce53f8dcb98010401f15899b614897f"
x-fb-debug: LdOoAUp6INN/fNv6pE5kKKFxa6Asb4OQYs1BzA9OAdqbXm9REGV5jvcPRZjB+CDRE8n9il4jz47awMRKvNWFwA==
x-fb-trip-id: 975780461
x-fb-content-md5: 8612d5034ab9411649125bd60bc3fd88
x-frame-options: DENY
date: Sun, 11 Aug 2019 00:57:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Aug 2019 01:12:15 GMT

Redirect headers

Location: https://connect.facebook.net/de_DE/sdk.js#xfbml=1&appId=223033497836225&version=v2.12
Non-Authoritative-Reason: HSTS

GET
H/1.1 204 bacon.gif
bacon.copperegg.com/ 0
111 B 1237ms
94ms Image
text/plain 3.81.11.167
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bacon.copperegg.com/bacon.gif?v=200&id=u9UONM0xbi6v8kwY&ua=Chrome&d=http%3A%2F%2Fwww.herozerogame.com&u=%2F&p=%3Flang%3Dde_DE%26ref%3D566-000-000-000%26subid%3D23626_&t=Hero%20Zero%20-%20das%20kostenlose%20Browserspiel!&j=F&s=2471&f=38&x=693&r=1842&ap=0.5&ab=F
Protocol: HTTP/1.1
Security: , ,
Server: 3.81.11.167 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-81-11-167.compute-1.amazonaws.com
Software: nginx/1.8.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Status: 204
Date: Sun, 11 Aug 2019 00:57:27 GMT
Server: nginx/1.8.0
Connection: keep-alive

GET
H/1.1 200
OK cookie-consent-logo.png
s3-eu-west-1.amazonaws.com/assets.cookieconsent.silktide.com/ 0
354 B 122ms
32ms Image
image/png 52.218.20.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/assets.cookieconsent.silktide.com/cookie-consent-logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.20.68 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://hz-static-landing.akamaized.net/css/compressed/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 11 Aug 2019 00:57:27 GMT
Last-Modified: Wed, 26 Jul 2017 09:30:17 GMT
Server: AmazonS3
x-amz-request-id: 1B1189B614DB1F08
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: qVZMYap/lqBxcBkXsbRKfmkN5UpAcYvqcX3lmim45JoNiHykrbgM/ev0vRnlAC4a6HmsnIIznjE=

GET
H2 200 sdk.js Show response
connect.facebook.net/de_DE/ 199 KB
60 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/sdk.js?hash=4f4ebd80cd2e369d287c68fa1481f2a1&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

91f5c0aeb1e335a359677b415d31241df8578e09780472eec2270fd6fdebf8be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
Origin: http://www.herozerogame.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: bZZzlWZ1RudiXb4uj7vwPw==
status: 200
content-length: 60501
etag: "28920276ba115e0f56b543ccee44edee"
x-fb-debug: v50/tXuJLQPhYVVdMbeqk1T9AduhyWzLnjMb/uOlvA2vM2wxpClAn+azwTVTyZ781ciCQ1I0bliMOr+If0p0Pg==
x-fb-trip-id: 975780461
x-fb-content-md5: f0080f572c5ae2116a225eb7ade56d7f
x-frame-options: DENY
date: Sun, 11 Aug 2019 00:57:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Mon, 10 Aug 2020 00:20:30 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 2AC8 0
0 8ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=4f4ebd80cd2e369d287c68fa1481f2a1&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.herozerogame.com/?lang=de_DE&ref=566-000-000-000&subid=23626_

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 08 Aug 2020 19:28:58 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: KtqHomLiNc1M/X3f+9GMK9UJIpjlv3LQWCnu4fV76MYLIMPgZT+A4ghC0asyi0UMQ0VEziejY5uBY8IdEBNjQQ==
content-length: 11540
x-fb-trip-id: 975780461
date: Sun, 11 Aug 2019 00:57:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ps.popcash.net
URL: http://ps.popcash.net/ad/ad?p=216668&w=498903&d=6539fbfbca1ca848e9f4-1561026291498903&

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 12:13:01	Name: IDE Value: AHWqTUnQq4EyM4yRM1lXS9mBheVJMFLNWGtuSSgCyTWNYxE3vP_UeUhYiEcj-HYe
.herozerogame.com/	1970-01-19 02:51:25	Name: _gat Value: 1
.herozerogame.com/	1970-01-19 02:52:51	Name: _gid Value: GA1.2.1823954727.1565485044
.herozerogame.com/	1970-01-19 20:22:37	Name: _ga Value: GA1.2.1678467715.1565485044
.herozerogame.com/	1970-01-19 11:37:01	Name: lang Value: de_DE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://fstrk.net/api/tracker/f457c545a9ded88f18ecee47145a72c0/landing.js(Line 1) Message: Skipping WebGL fingerprinting because it is not supported in this browser

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4368131.fls.doubleclick.net
a2g-secure.com
apps0199.hoolidayz77.live
bacon.copperegg.com
best.prizedeal512.info
click.fstrk.net
connect.facebook.net
d2vig74li2resi.cloudfront.net
fstrk.net
gelsbankfas.gq
googleads.g.doubleclick.net
hz-static-2.akamaized.net
hz-static-landing.akamaized.net
manytimes.club
minently.com
ps.popcash.net
realcenter-mobileapps2.com
s3-eu-west-1.amazonaws.com
staticxx.facebook.com
stats.g.doubleclick.net
touchbonus.club
trafiocut.com
up.trkgenius.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.herozerogame.com
ps.popcash.net
107.6.174.196
172.217.22.38
185.50.248.98
2.16.106.162
205.147.93.131
216.58.205.226
2600:9000:200c:600:11:647d:8600:93a1
2606:4700:30::6812:2ec4
2606:4700:30::6818:7adc
2606:4700:30::681b:8f2a
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:817::2002
2a00:1450:4001:817::200e
2a00:1450:4001:824::2003
2a00:1450:400c:c06::9b
2a01:4a0:1338:28::c38a:ff0b
2a03:2880:f01c:8012:face:b00c:0:3
3.81.11.167
35.190.210.193
45.32.92.194
52.0.152.125
52.215.56.20
52.218.20.68
52.51.183.202
54.230.95.111
79.110.23.98
99.198.108.194
050707289bba73cae1f311587c40636e0e6b4b80c190737901b9481a180c24c2
07a6e2318271f33428ba334e0b4121fef50d3468b9dda08d1320b3643b933fbe
0a302e844b1c85a863fecf56321e2e0a44820b42139ee0e7ad2275f5ea5a489a
0af712da14e2a6406a2c01801d4cdca5ed948b606f87b62b30bb001570fa10f9
1172c21ebf8dedc79b6a879f52cf17137e4f04ef71a324cb2ae00ca01ae3c0ed
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1f801537a1403148a2c66c27026b810e60e6724f06849f0bfdbc064919ad7d36
24d2fc7e6d6ca5c2684ed3e66a2da4bf82950819275788f3f834dd6cea04e8c0
259039cfb4f6e37698581048b9fb8e249ebcb9ce79a6f2132f31fef6ee25515a
425921b3e68d7ce352f590e9ec48a3b2c8a71b4b62dc3646b70b77c80a51f34b
486c44829bf00d422f0deeaf855f94ee034861da9f7bdd66a19a9cb876b5b694
4ca885a3ff5e886a2c591a4f2c7ccc0e23f70a44b59a307f113ab76c006a31fe
4d72af4abe48b4be146577824f86aee8364d6be7898f6a57b855bbae036e6db4
54e4d65499750e9672c18483a83800a63e92cdafa35f0bd2d5d366588f29c1ae
56b56dae4ce1b2a16383622861b02aa2105c0b9447840e089e70849f3da9302a
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d3528c21d8e3f99a35e6f76feb96d7644153acbb5f92a42dc81de1dae8fe69e
6592f0416e9ea3f6e45e2f8cedd042d385397b77d5f38c858c084db1149cc672
66a24a9b4fa5e114fec60f60ce65b0f116d07c8df51ce642addb6e4d2e12e256
689797dae122c420e9f4d5d9e3dc40d2cd78bde12a4acd86b850bbe90cfbf4a2
6c6d866f4234c86a22a3bc024f79115b6a0a3b880a388e4686b6976729aec48f
6cbc72aa5563ff6f15ac7d574cc609bce28e98632e9cbb5c0015c26deccf7223
6cbf690193f35b511ffd587ecb3c354e1cf5c82a4bab624eb43d3efc26102fe3
7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf
824298a62620ef62618b42f3cc09c059685defbd9a7a658bf7e910ffad4f8d06
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8451cb1a99e1af91fcd8f4610c299665369d3a439ba97289046b34561ff4eca1
8751a0a89dfa6c1298eaa0adf782443a6662bd85eff5e41d610af9f0b59a0e7a
8e4dc81d37d949d09fb43d8549a0afa03d8e3ecddb51f0a20d4fbb953025abac
91f5c0aeb1e335a359677b415d31241df8578e09780472eec2270fd6fdebf8be
99c791ac0aafb9b061b9ef84a8869573cf7951d7c5b4f89c1537958d888eb485
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9dd25ec0d22098a26df378577194c915a2a3ac026fbf65aa35c196695bd79343
a56e776bca3d2a00c0cee97f9b3a04106d208fae509969c40387515301028aaa
a7bae1c42dc7bbd0783d5fa483075b3ca30c47f7b83bbd0fa3816407cb6161d6
aadc0d0bd051b5add1853d1d2cc341f8cfa8ca8ea6643a05347b8adf06cfe7fa
cd35e31bb9037ef2ff296781a211571499e69b94d0352d10b70d326e0f500d80
cd3c4581cfccf3de68c0eff6022a1f380cd44ae42189100c6b85bd1d32e1c9bf
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
d5a2dcbb53e0b4fa2d084663db6832b514af5bb5100dff6d6a8d0b24efd27752
d9a5e775a611472bceefe5376f66ef28131b9a5f6604dda7717055517e8ebb64
e260d184e96e6fef01137c6af8bcb0423a983924ea5e2335ca4723d5a58d8c5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6980b407abe04e3ab6115aad7d4f25bb5581d2b182e9353aa38f06dc7433a42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb602a079133d8e8e95b8b72a2bf751b5a49f74a5184730fdc757e0deedb1a6f

www.herozerogame.com Open in urlscan Pro 52.51.183.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

82 %HTTPS

43 %IPv6

25 Domains

29 Subdomains

26 IPs

7 Countries

960 kBTransfer

1357 kBSize

5 Cookies

33 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.herozerogame.com Open in urlscan Pro
52.51.183.202 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

82 %
HTTPS

43 %
IPv6

25
Domains

29
Subdomains

26
IPs

7
Countries

960 kB
Transfer

1357 kB
Size

5
Cookies

51 HTTP transactions
2 data transactions