oauth-sandbox.gameforge.com Open in urlscan Pro
172.64.144.70  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response oauth-sandbox.gameforge.com/	2 KB 2 KB	313ms 158ms	Document text/html	172.64.144.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oauth-sandbox.gameforge.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.144.70 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / @tnt/http-server Resource Hash 767424aa08528843f55abccf074d3f68da893217e5a894bcf8d4d673739f42d2 Security Headers Name Value Content-Security-Policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15724800 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control private, no-cache, max-age=0 cf-cache-status DYNAMIC cf-ray 8a800d1f3d9fa240-YYZ content-encoding gzip content-security-policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests content-type text/html; charset=utf-8 cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Wed, 24 Jul 2024 01:14:04 GMT origin-agent-cluster ?1 referrer-policy no-referrer server cloudflare strict-transport-security max-age=15724800 x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options DENY x-permitted-cross-domain-policies none x-powered-by @tnt/http-server x-request-id 18262322d24085f6d9b4004a6d5541e0 x-xss-protection 0
GET H/1.1	200 OK	pz.js Show response pixelzirkus.gameforge.com/static/js/	9 KB 4 KB	490ms 121ms	Script application/x-javascript	79.110.82.166 GAMEFORGE-AS
General Check archive.org Show headers Download Go to Full URL https://pixelzirkus.gameforge.com/static/js/pz.js Requested by Host: oauth-sandbox.gameforge.com URL: https://oauth-sandbox.gameforge.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.110.82.166 , Germany, ASN47195 (GAMEFORGE-AS, DE), Reverse DNS Software nginx / Resource Hash 2864bfdcfd97dd67d3c321a816db38106b27b9881a32abc0ed15f2ba4280a364 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 24 Jul 2024 01:14:04 GMT Content-Encoding gzip Last-Modified Thu, 08 Feb 2024 09:04:07 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript; charset=utf-8 Cache-Control max-age=2592000 Connection keep-alive Expires Fri, 23 Aug 2024 01:14:04 GMT
GET H2	200	cookiebanner.js Show response consent-sandbox.gameforge.com/	32 KB 11 KB	324ms 42ms	Script application/javascript	172.64.144.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consent-sandbox.gameforge.com/cookiebanner.js Requested by Host: oauth-sandbox.gameforge.com URL: https://oauth-sandbox.gameforge.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.144.70 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e818cfadb0f3858f3271ebf4195527910aed2e93e51aa70bbaea77d6ef46e76 Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 01:14:04 GMT strict-transport-security max-age=15724800 content-encoding gzip cf-cache-status HIT last-modified Tue, 19 Mar 2024 10:35:29 GMT server cloudflare age 2186 etag W/"65f96a71-803a" vary Accept-Encoding content-type application/javascript cache-control public, max-age=3600 cf-ray 8a800d220bb03a08-YYZ
GET H2	200	ui.f0f1.js Show response oauth-sandbox.gameforge.com/js/	769 KB 227 KB	169ms 168ms	Script application/javascript	172.64.144.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oauth-sandbox.gameforge.com/js/ui.f0f1.js Requested by Host: oauth-sandbox.gameforge.com URL: https://oauth-sandbox.gameforge.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.144.70 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / @tnt/http-server Resource Hash 04d6765945a56a87e21cb83afc6658785338af9fdbae502d9ce04811802102e8 Security Headers Name Value Content-Security-Policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15724800 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 01:14:04 GMT content-security-policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15724800 cf-cache-status HIT x-permitted-cross-domain-policies none content-encoding gzip x-powered-by @tnt/http-server x-dns-prefetch-control off cross-origin-resource-policy same-origin x-xss-protection 0 x-request-id 66e3b7eec92194aadc100d70e36ad5c8 referrer-policy no-referrer last-modified Mon, 28 Aug 2023 07:43:56 GMT server cloudflare cross-origin-opener-policy same-origin etag W/"c03ed-18a3b196a60" x-download-options noopen x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 origin-agent-cluster ?1 cache-control public, max-age=31536000, s-max-age=3600, immutable cf-ray 8a800d225f77a240-YYZ
GET H2	200	ui.bundle.354b.js Show response consent-sandbox.gameforge.com/	378 KB 114 KB	387ms 386ms	Script application/javascript	172.64.144.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consent-sandbox.gameforge.com/ui.bundle.354b.js Requested by Host: consent-sandbox.gameforge.com URL: https://consent-sandbox.gameforge.com/cookiebanner.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.144.70 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 440e7999b003d2f22a5c2b2c6f79fad3fa9be63c15ce2138093652deff273326 Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 01:14:05 GMT strict-transport-security max-age=15724800 content-encoding gzip cf-cache-status HIT last-modified Tue, 19 Mar 2024 10:35:29 GMT server cloudflare etag W/"65f96a71-5e6d3" vary Accept-Encoding content-type application/javascript cache-control public, max-age=31536000, immutable cf-ray 8a800d236ce93a08-YYZ
POST H2	200	/ Show response crashreporting.gameforge.com/api/21/envelope/	2 B 247 B	484ms 113ms	Fetch application/json	79.110.87.78 GAMEFORGE-AS
General Check archive.org Show headers Download Go to Full URL https://crashreporting.gameforge.com/api/21/envelope/?sentry_key=fb9a184a01914626a42823375c2e54e6&sentry_version=7&sentry_client=sentry.javascript.react%2F7.54.0 Requested by Host: oauth-sandbox.gameforge.com URL: https://oauth-sandbox.gameforge.com/js/ui.f0f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 79.110.87.78 , Germany, ASN47195 (GAMEFORGE-AS, DE), Reverse DNS 79-110-87-78.gfsrv.net Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://oauth-sandbox.gameforge.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 24 Jul 2024 01:14:05 GMT server nginx vary origin, access-control-request-method, access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin content-length 2
GET BLOB	200 OK	7d4740c3-a91f-4697-b560-c1453a490d23 https://oauth-sandbox.gameforge.com/	46 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://oauth-sandbox.gameforge.com/7d4740c3-a91f-4697-b560-c1453a490d23 Requested by Host: oauth-sandbox.gameforge.com URL: https://oauth-sandbox.gameforge.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Length 46922 Content-Type
GET H2	200	locales.json Show response oauth-sandbox.gameforge.com/translations/	398 B 381 B	154ms 154ms	Fetch application/json	172.64.144.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oauth-sandbox.gameforge.com/translations/locales.json Requested by Host: oauth-sandbox.gameforge.com URL: https://oauth-sandbox.gameforge.com/js/ui.f0f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.144.70 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / @tnt/http-server Resource Hash 3312eb85438c7ecaecd46de9ae844c01c66c0fb76c264cdd7e266ab66cad1fec Security Headers Name Value Content-Security-Policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15724800 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 01:14:05 GMT content-security-policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15724800 cf-cache-status DYNAMIC x-permitted-cross-domain-policies none content-encoding gzip x-powered-by @tnt/http-server x-dns-prefetch-control off cross-origin-resource-policy same-origin x-xss-protection 0 x-request-id 9ea682828a865d4bd70b59efafca375f referrer-policy no-referrer last-modified Mon, 28 Aug 2023 07:43:56 GMT server cloudflare cross-origin-opener-policy same-origin etag W/"18e-18a3b196a60" x-download-options noopen x-frame-options DENY content-type application/json; charset=UTF-8 origin-agent-cluster ?1 cache-control public, max-age=0 cf-ray 8a800d24c8e2a240-YYZ
GET H2	401	me Show response oauth-sandbox.gameforge.com/api/users/	92 B 241 B	158ms 157ms	Fetch application/json	172.64.144.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oauth-sandbox.gameforge.com/api/users/me Requested by Host: oauth-sandbox.gameforge.com URL: https://oauth-sandbox.gameforge.com/js/ui.f0f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.144.70 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / @tnt/http-server Resource Hash c28c98cf96caa9eec6efcaa0c1e250a73bac628f400f16d49977a43ea4a6c042 Security Headers Name Value Content-Security-Policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15724800 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 01:14:05 GMT content-security-policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15724800 cf-cache-status DYNAMIC x-permitted-cross-domain-policies none x-powered-by @tnt/http-server x-dns-prefetch-control off cross-origin-resource-policy same-origin content-length 92 x-xss-protection 0 x-request-id 83a65ac827564eb33d91b6d8da8b05be referrer-policy no-referrer server cloudflare cross-origin-opener-policy same-origin etag W/"5c-92lMi6dxkmirTIPp9myWBJX8FSg" x-download-options noopen x-frame-options DENY content-type application/json; charset=utf-8 origin-agent-cluster ?1 cf-ray 8a800d25c996a240-YYZ
GET H2	200	en-GB.json Show response oauth-sandbox.gameforge.com/translations/	2 KB 901 B	353ms 352ms	Fetch application/json	172.64.144.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oauth-sandbox.gameforge.com/translations/en-GB.json Requested by Host: oauth-sandbox.gameforge.com URL: https://oauth-sandbox.gameforge.com/js/ui.f0f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.144.70 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / @tnt/http-server Resource Hash 18c85dffeee3deeb60dee95e77b5e647652033ca7136ffc55960d96e1b537c39 Security Headers Name Value Content-Security-Policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15724800 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 01:14:05 GMT content-security-policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15724800 cf-cache-status DYNAMIC x-permitted-cross-domain-policies none content-encoding gzip x-powered-by @tnt/http-server x-dns-prefetch-control off cross-origin-resource-policy same-origin x-xss-protection 0 x-request-id fffd2787aff9e2928d064f806bcfc308 referrer-policy no-referrer last-modified Mon, 28 Aug 2023 07:43:56 GMT server cloudflare cross-origin-opener-policy same-origin etag W/"781-18a3b196a60" x-download-options noopen x-frame-options DENY content-type application/json; charset=UTF-8 origin-agent-cluster ?1 cache-control public, max-age=0 cf-ray 8a800d26ea52a240-YYZ
GET H2	200	en-GB.json Show response secure-asset-delivery.gameforge.com/partnersite_sandbox_cookie-banner/sandbox/a62fcc7f-9eea-4dc3-9a2c-526e948db9e3/	15 KB 3 KB	903ms 689ms	XHR application/json	2600:140a:a000::17df:2121 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure-asset-delivery.gameforge.com/partnersite_sandbox_cookie-banner/sandbox/a62fcc7f-9eea-4dc3-9a2c-526e948db9e3/en-GB.json Requested by Host: oauth-sandbox.gameforge.com URL: https://oauth-sandbox.gameforge.com/js/ui.f0f1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:140a:a000::17df:2121 Montreal, Canada, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 0c3085b49a66ebab03d0a35382f7bfc6a22640d6821876e9b954a46fbe9e417f Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 24 Jul 2024 01:14:06 GMT content-encoding gzip last-modified Tue, 12 Mar 2024 07:47:51 GMT server nginx etag "a033ec237efb89da0cca7cd91dd58762" x-cache-status REVALIDATED vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 2488 expires Wed, 24 Jul 2024 01:14:06 GMT
GET H2	200	favicon.ico oauth-sandbox.gameforge.com/	15 KB 8 KB	171ms 171ms	Other image/x-icon	172.64.144.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oauth-sandbox.gameforge.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.144.70 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / @tnt/http-server Resource Hash 4bfe954b85f3ba74200223a771687df4969e7117b0b193b0d650e42a5b15f8f4 Security Headers Name Value Content-Security-Policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15724800 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 01:14:05 GMT content-security-policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15724800 cf-cache-status MISS x-permitted-cross-domain-policies none content-encoding gzip x-powered-by @tnt/http-server x-dns-prefetch-control off cross-origin-resource-policy same-origin x-xss-protection 0 x-request-id 87db380fc1413a1f5aae6e0d7e72a7bd referrer-policy no-referrer last-modified Mon, 28 Aug 2023 07:43:56 GMT server cloudflare cross-origin-opener-policy same-origin etag W/"3aee-18a3b196a60" x-download-options noopen x-frame-options DENY vary Accept-Encoding content-type image/x-icon origin-agent-cluster ?1 cache-control public, max-age=0 cf-ray 8a800d273a8aa240-YYZ
GET H2	200	7f65.woff2 oauth-sandbox.gameforge.com/fonts/	16 KB 16 KB	510ms 510ms	Font font/woff2	172.64.144.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oauth-sandbox.gameforge.com/fonts/7f65.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.144.70 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / @tnt/http-server Resource Hash 4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec Security Headers Name Value Content-Security-Policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15724800 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://oauth-sandbox.gameforge.com/ Origin https://oauth-sandbox.gameforge.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 01:14:06 GMT content-security-policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15724800 cf-cache-status HIT x-permitted-cross-domain-policies none x-powered-by @tnt/http-server x-dns-prefetch-control off cross-origin-resource-policy same-origin content-length 16056 x-xss-protection 0 x-request-id 7b18ea1b33c68afae2df150990ec98f9 referrer-policy no-referrer last-modified Mon, 28 Aug 2023 07:43:56 GMT server cloudflare cross-origin-opener-policy same-origin etag W/"3eb8-18a3b196a60" x-download-options noopen x-frame-options DENY vary Accept-Encoding content-type font/woff2 origin-agent-cluster ?1 cache-control public, max-age=31536000, s-max-age=3600, immutable accept-ranges bytes cf-ray 8a800d295bd2a240-YYZ
POST H2	200	/ Show response crashreporting.gameforge.com/api/21/envelope/	2 B 246 B	116ms 113ms	Fetch application/json	79.110.87.78 GAMEFORGE-AS
General Check archive.org Show headers Download Go to Full URL https://crashreporting.gameforge.com/api/21/envelope/?sentry_key=fb9a184a01914626a42823375c2e54e6&sentry_version=7&sentry_client=sentry.javascript.react%2F7.54.0 Requested by Host: oauth-sandbox.gameforge.com URL: https://oauth-sandbox.gameforge.com/js/ui.f0f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 79.110.87.78 , Germany, ASN47195 (GAMEFORGE-AS, DE), Reverse DNS 79-110-87-78.gfsrv.net Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://oauth-sandbox.gameforge.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 24 Jul 2024 01:14:05 GMT server nginx vary origin, access-control-request-method, access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin content-length 2
POST H2	200	/ Show response crashreporting.gameforge.com/api/21/envelope/	2 B 246 B	117ms 115ms	Fetch application/json	79.110.87.78 GAMEFORGE-AS
General Check archive.org Show headers Download Go to Full URL https://crashreporting.gameforge.com/api/21/envelope/?sentry_key=fb9a184a01914626a42823375c2e54e6&sentry_version=7&sentry_client=sentry.javascript.react%2F7.54.0 Requested by Host: oauth-sandbox.gameforge.com URL: https://oauth-sandbox.gameforge.com/js/ui.f0f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 79.110.87.78 , Germany, ASN47195 (GAMEFORGE-AS, DE), Reverse DNS 79-110-87-78.gfsrv.net Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://oauth-sandbox.gameforge.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 24 Jul 2024 01:14:05 GMT server nginx vary origin, access-control-request-method, access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin content-length 2
GET H/1.1	200 OK	E6gg7P33.js Show response pixelzirkus.gameforge.com/static/js/	4 KB 2 KB	121ms 120ms	Script application/x-javascript	79.110.82.166 GAMEFORGE-AS
General Check archive.org Show headers Download Go to Full URL https://pixelzirkus.gameforge.com/static/js/E6gg7P33.js Requested by Host: pixelzirkus.gameforge.com URL: https://pixelzirkus.gameforge.com/static/js/pz.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.110.82.166 , Germany, ASN47195 (GAMEFORGE-AS, DE), Reverse DNS Software nginx / Resource Hash 61e230186558ae1ec0f5aadde95e171280a1a705439a5352f90e91ccbd7c82c4 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 24 Jul 2024 01:14:05 GMT Content-Encoding gzip Last-Modified Wed, 02 Sep 2020 12:34:17 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript; charset=utf-8 Cache-Control max-age=2592000 Connection keep-alive Expires Fri, 23 Aug 2024 01:14:05 GMT
GET H/1.1	200 OK	GT7h68ox.js Show response pixelzirkus.gameforge.com/static/js/	33 KB 11 KB	243ms 120ms	Script application/x-javascript	79.110.82.166 GAMEFORGE-AS
General Check archive.org Show headers Download Go to Full URL https://pixelzirkus.gameforge.com/static/js/GT7h68ox.js Requested by Host: pixelzirkus.gameforge.com URL: https://pixelzirkus.gameforge.com/static/js/pz.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.110.82.166 , Germany, ASN47195 (GAMEFORGE-AS, DE), Reverse DNS Software nginx / Resource Hash 08c3d5512e7766e9068ddd60328704f451150039955a271710ff74650bc33464 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 24 Jul 2024 01:14:05 GMT Content-Encoding gzip Last-Modified Wed, 02 Sep 2020 12:34:17 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript; charset=utf-8 Cache-Control max-age=2592000 Connection keep-alive Expires Fri, 23 Aug 2024 01:14:05 GMT
GET H2	200	0674.woff2 oauth-sandbox.gameforge.com/fonts/	16 KB 16 KB	159ms 159ms	Font font/woff2	172.64.144.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oauth-sandbox.gameforge.com/fonts/0674.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.144.70 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / @tnt/http-server Resource Hash 8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5 Security Headers Name Value Content-Security-Policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15724800 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://oauth-sandbox.gameforge.com/ Origin https://oauth-sandbox.gameforge.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 01:14:05 GMT content-security-policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15724800 cf-cache-status HIT x-permitted-cross-domain-policies none x-powered-by @tnt/http-server x-dns-prefetch-control off cross-origin-resource-policy same-origin content-length 16180 x-xss-protection 0 x-request-id a052719d57e69b5771d28f9a60756887 referrer-policy no-referrer last-modified Mon, 28 Aug 2023 07:43:56 GMT server cloudflare cross-origin-opener-policy same-origin etag W/"3f34-18a3b196a60" x-download-options noopen x-frame-options DENY vary Accept-Encoding content-type font/woff2 origin-agent-cluster ?1 cache-control public, max-age=31536000, s-max-age=3600, immutable accept-ranges bytes cf-ray 8a800d297befa240-YYZ
GET H2	200	favicon.ico oauth-sandbox.gameforge.com/	15 KB 74 B	494ms 493ms	Other image/x-icon	172.64.144.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oauth-sandbox.gameforge.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.144.70 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / @tnt/http-server Resource Hash 4bfe954b85f3ba74200223a771687df4969e7117b0b193b0d650e42a5b15f8f4 Security Headers Name Value Content-Security-Policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15724800 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 01:14:06 GMT content-security-policy default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15724800 cf-cache-status MISS x-permitted-cross-domain-policies none content-encoding gzip x-powered-by @tnt/http-server x-dns-prefetch-control off cross-origin-resource-policy same-origin x-xss-protection 0 x-request-id 7e72940c8cf2e3f895b6e67737aef6b2 referrer-policy no-referrer last-modified Mon, 28 Aug 2023 07:43:56 GMT server cloudflare cross-origin-opener-policy same-origin etag W/"3aee-18a3b196a60" x-download-options noopen vary Accept-Encoding x-frame-options DENY content-type image/x-icon origin-agent-cluster ?1 cache-control public, max-age=0 cf-ray 8a800d297bf2a240-YYZ
POST H/1.1	200 OK	simple Show response pixelzirkus.gameforge.com/do2/	0 596 B	128ms 127ms	XHR text/plain	79.110.82.166 GAMEFORGE-AS
General Check archive.org Show headers Download Go to Full URL https://pixelzirkus.gameforge.com/do2/simple Requested by Host: oauth-sandbox.gameforge.com URL: https://oauth-sandbox.gameforge.com/js/ui.f0f1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.110.82.166 , Germany, ASN47195 (GAMEFORGE-AS, DE), Reverse DNS Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Wed, 24 Jul 2024 01:14:05 GMT Server nginx X-Powered-By Undertow/1 Access-Control-Allow-Origin https://oauth-sandbox.gameforge.com Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 Expires Wed, 24 Jul 2024 01:14:04 GMT
POST H/1.1	200 OK	simple Show response pixelzirkus.gameforge.com/do2/	0 596 B	125ms 124ms	XHR text/plain	79.110.82.166 GAMEFORGE-AS
General Check archive.org Show headers Download Go to Full URL https://pixelzirkus.gameforge.com/do2/simple Requested by Host: oauth-sandbox.gameforge.com URL: https://oauth-sandbox.gameforge.com/js/ui.f0f1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.110.82.166 , Germany, ASN47195 (GAMEFORGE-AS, DE), Reverse DNS Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Wed, 24 Jul 2024 01:14:06 GMT Server nginx X-Powered-By Undertow/1 Access-Control-Allow-Origin https://oauth-sandbox.gameforge.com Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 Expires Wed, 24 Jul 2024 01:14:05 GMT
GET H2	200	4b91.woff2 consent-sandbox.gameforge.com/	53 KB 53 KB	257ms 206ms	Font font/woff2	172.64.144.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consent-sandbox.gameforge.com/4b91.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.144.70 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1fafd4ec61cdc7565ad37e6ae369fb938ba5f3cbbaa2cc6920c11a7fa84f8be Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers Referer https://oauth-sandbox.gameforge.com/ Origin https://oauth-sandbox.gameforge.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 01:14:06 GMT strict-transport-security max-age=15724800 cf-cache-status REVALIDATED last-modified Tue, 19 Mar 2024 10:35:29 GMT server cloudflare etag "65f96a71-d2d4" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * accept-ranges bytes cf-ray 8a800d2d5aae3a06-YYZ content-length 53972

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| pixelzirkus function| setPixel function| firePixels function| capturePixel object| webpackJsonp object| gfCookieConsent object| _global object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| __SENTRY__ number| 2f1acc6c3a606b082e5eef5e54414ffb object| __REACT_INTL_CONTEXT__ function| Fingerprint function| Fingerprint2

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.gameforge.com/	1970-01-20 22:16:25	Name: __cf_bm Value: DSYnEfiwh1dW5LuyFdg5zbvVII_eUvtGDJgkTry6Kmg-1721783644-1.0.1.1-IVRX9DLPZYYUEfRsTwBoXmZVbu47Yp8GQ19nakubg0LktjEk2FavPe9zgWCXNG9uBZR5OC3J4lhiHPtvKu4NKg
			.gameforge.com/	1970-01-21 07:01:59	Name: pc_idt Value: ANOeB1ksg9jr7tk1t_Zt0NfUxm9SKeyiIPVYaav3ErN6pBW-AqPkECJPJbZYQ1Z1S5s6g5TUlupJVSrjFAHkHXHe6lqZ207G108gPll9snqfttIpmpr8_eY87boA4AG7OwJm2HN7cLZt2hX0cLNYyVgZtppz-lT8BWsZMQ

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://oauth-sandbox.gameforge.com/(Line 3) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net". Either the 'unsafe-inline' keyword, a hash ('sha256-Y4dlgc7Y06JiPv/wjmKt+3WVzsza2owlzr2Waf9XtK0='), or a nonce ('nonce-...') is required to enable inline execution.
network	error	URL: https://oauth-sandbox.gameforge.com/api/users/me Message: Failed to load resource: the server responded with a status of 401 ()
recommendation	verbose	URL: https://oauth-sandbox.gameforge.com/en-GB/sign-in Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;script-src 'self' 'unsafe-eval' https://gameforge.com https://*.gameforge.com https://*.gfsrv.net;worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent-sandbox.gameforge.com
crashreporting.gameforge.com
oauth-sandbox.gameforge.com
pixelzirkus.gameforge.com
secure-asset-delivery.gameforge.com
172.64.144.70
2600:140a:a000::17df:2121
79.110.82.166
79.110.87.78
04d6765945a56a87e21cb83afc6658785338af9fdbae502d9ce04811802102e8
08c3d5512e7766e9068ddd60328704f451150039955a271710ff74650bc33464
0c3085b49a66ebab03d0a35382f7bfc6a22640d6821876e9b954a46fbe9e417f
18c85dffeee3deeb60dee95e77b5e647652033ca7136ffc55960d96e1b537c39
2864bfdcfd97dd67d3c321a816db38106b27b9881a32abc0ed15f2ba4280a364
3312eb85438c7ecaecd46de9ae844c01c66c0fb76c264cdd7e266ab66cad1fec
3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc
440e7999b003d2f22a5c2b2c6f79fad3fa9be63c15ce2138093652deff273326
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4bfe954b85f3ba74200223a771687df4969e7117b0b193b0d650e42a5b15f8f4
61e230186558ae1ec0f5aadde95e171280a1a705439a5352f90e91ccbd7c82c4
767424aa08528843f55abccf074d3f68da893217e5a894bcf8d4d673739f42d2
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
9e818cfadb0f3858f3271ebf4195527910aed2e93e51aa70bbaea77d6ef46e76
c28c98cf96caa9eec6efcaa0c1e250a73bac628f400f16d49977a43ea4a6c042
d1fafd4ec61cdc7565ad37e6ae369fb938ba5f3cbbaa2cc6920c11a7fa84f8be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855