www.gamestar.de Open in urlscan Pro
2a03:7fc0:c000:1:185:12:50:67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.amp?__twitter_impression=true
Effective URL:
https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Submission Tags: falconsandbox
Submission: On June 16 via api (June 16th 2022, 2:30:01 am UTC) from US — Scanned from DE

Summary HTTP 97 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 97 HTTP transactions. The main IP is 2a03:7fc0:c000:1:185:12:50:67, located in France and belongs to JEUXVIDEO-NETWORK, FR. The main domain is www.gamestar.de. The Cisco Umbrella rank of the primary domain is 194626.
TLS certificate: Issued by R3 on April 25th 2022. Valid for: 3 months.

This is the only time www.gamestar.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2a03:7fc0:c00... 2a03:7fc0:c000:1:185:12:50:67	35717 (JEUXVIDEO...) (JEUXVIDEO-NETWORK)
38	2a03:7fc0:c00... 2a03:7fc0:c000:1:185:12:50:205	35717 (JEUXVIDEO...) (JEUXVIDEO-NETWORK)
11	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	91.215.100.74 91.215.100.74	43407 (INFONLINE-AS) (INFONLINE-AS)
3	2600:9000:215... 2600:9000:2156:8600:5:b7cc:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:440... 2606:4700:4400::6812:2194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	217.115.153.216 217.115.153.216	20773 (GODADDY) (GODADDY)
1 2	161.156.47.59 161.156.47.59	36351 (SOFTLAYER) (SOFTLAYER)
17	2a03:7fc0:c00... 2a03:7fc0:c000:1:185:12:50:76	35717 (JEUXVIDEO...) (JEUXVIDEO-NETWORK)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e01b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
97	14

10 2a03:7fc0:c000:1:185:12:50:67 (France) 1 redirects

ASN35717 (JEUXVIDEO-NETWORK, FR)

www.gamestar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a03:7fc0:c000:1:185:12:50:205 (France)

ASN35717 (JEUXVIDEO-NETWORK, FR)

static.cgames.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.cgames.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.toolbox.webediagaming.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 91.215.100.74 (Germany)

ASN43407 (INFONLINE-AS, NL)

data-c53e1346fa.gamestar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:8600:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:2194 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lib.getjad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.115.153.216 (Germany)

ASN20773 (GODADDY, DE)
PTR: srv16.mailer-service.de

cdn.promio-connect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 161.156.47.59 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 3b.2f.9ca1.ip4.static.sl-reverse.com

vg06.met.vgwort.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a03:7fc0:c000:1:185:12:50:76 (France)

ASN35717 (JEUXVIDEO-NETWORK, FR)

toolbox.webediagaming.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

webedia-de-cdn.relevant-digital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:f7::5c7b:e01b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	cgames.de static.cgames.de — Cisco Umbrella Rank: 300282 images.cgames.de — Cisco Umbrella Rank: 340879	463 KB
21	webediagaming.de toolbox.webediagaming.de — Cisco Umbrella Rank: 328844 images.toolbox.webediagaming.de — Cisco Umbrella Rank: 421669	542 KB
15	gamestar.de 1 redirects www.gamestar.de — Cisco Umbrella Rank: 194626 data-c53e1346fa.gamestar.de — Cisco Umbrella Rank: 563882	108 KB
13	typekit.net use.typekit.net — Cisco Umbrella Rank: 637 p.typekit.net — Cisco Umbrella Rank: 782	210 KB
4	getjad.io cdn.lib.getjad.io — Cisco Umbrella Rank: 136693	433 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3269 onesignal.com — Cisco Umbrella Rank: 1165	73 KB
3	privacy-center.org sdk.privacy-center.org — Cisco Umbrella Rank: 6126	155 KB
2	vgwort.de 1 redirects vg06.met.vgwort.de — Cisco Umbrella Rank: 213922	725 B
1	relevant-digital.com webedia-de-cdn.relevant-digital.com — Cisco Umbrella Rank: 306063	12 KB
1	webcontentassessor.com scripts.webcontentassessor.com — Cisco Umbrella Rank: 4304	55 KB
1	promio-connect.com cdn.promio-connect.com — Cisco Umbrella Rank: 461825	2 KB
97	11

	Domain	Requested by
25	static.cgames.de	www.gamestar.de
17	toolbox.webediagaming.de	www.gamestar.de static.cgames.de toolbox.webediagaming.de
11	use.typekit.net	www.gamestar.de toolbox.webediagaming.de use.typekit.net
10	www.gamestar.de	1 redirects www.gamestar.de static.cgames.de
9	images.cgames.de	www.gamestar.de
5	data-c53e1346fa.gamestar.de	www.gamestar.de data-c53e1346fa.gamestar.de
4	images.toolbox.webediagaming.de	toolbox.webediagaming.de
4	cdn.lib.getjad.io	www.gamestar.de cdn.lib.getjad.io
3	sdk.privacy-center.org	www.gamestar.de sdk.privacy-center.org
2	p.typekit.net	www.gamestar.de use.typekit.net
2	vg06.met.vgwort.de	1 redirects www.gamestar.de
2	cdn.onesignal.com	www.gamestar.de cdn.onesignal.com
1	onesignal.com	cdn.onesignal.com
1	webedia-de-cdn.relevant-digital.com	cdn.lib.getjad.io
1	scripts.webcontentassessor.com	cdn.lib.getjad.io
1	cdn.promio-connect.com	www.gamestar.de
97	16

This site contains links to these domains. Also see Links.

Domain
shop.gamestar.de
www.gamepro.de
mein-mmo.de
www.pietsmiet.de
www.gtainside.com
www.xboxdynasty.de
nintendo-online.de
www.bleepingcomputer.com
webedia-group.de
www.jointheallyance.de
www.jeuxvideo.com
twitter.com
www.facebook.com
www.instagram.com
www.tiktok.com
www.webedia-group.de

Subject Issuer	Validity	Valid
gamestar.de R3	`2022-04-25` - `2022-07-24`	3 months	crt.sh
cgames.de R3	`2022-06-13` - `2022-09-11`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
data-c53e1346fa.gamestar.de R3	`2022-06-11` - `2022-09-09`	3 months	crt.sh
*.privacy-center.org Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
getjad.io Cloudflare Inc ECC CA-3	`2021-10-04` - `2022-10-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.promio-connect.com Starfield Secure Certificate Authority - G2	`2021-08-12` - `2022-09-11`	a year	crt.sh
webediagaming.de R3	`2022-06-13` - `2022-09-11`	3 months	crt.sh
scripts.webcontentassessor.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-31` - `2022-12-02`	a year	crt.sh
1744650314.rsc.cdn77.org R3	`2022-05-24` - `2022-08-22`	3 months	crt.sh
images.toolbox.webediagaming.de R3	`2022-06-13` - `2022-09-11`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Frame ID: CB0B3A88C9EAC7744179F8F1072FE22C
Requests: 72 HTTP requests in this frame

Frame: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
Frame ID: 21B06DC41EDB9E63770358E931357852
Requests: 2 HTTP requests in this frame

Frame: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
Frame ID: 99DAF1F80C7DBE4C24AD2B0FE728A76B
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trojaner verwandelt Discord in Malware - Wie ihr euch schützt

Page URL History Show full URLs

https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.amp?__twitter_impression=true HTTP 301
https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Didomi (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

sdk\.privacy-center\.org/.*/loader\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

97
Requests

98 %
HTTPS

69 %
IPv6

11
Domains

16
Subdomains

14
IPs

3
Countries

2054 kB
Transfer

5056 kB
Size

3
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.gamestar.de/

Search URL Search Domain Scan URL

URL: https://shop.gamestar.de/hefte/gamestar/
Title: Ausgaben bestellen

Search URL Search Domain Scan URL

URL: https://shop.gamestar.de/abo/gamestar-abos/1007/gamestar-epaper-jahresabo?c=49
Title: Apps & eBooks

Search URL Search Domain Scan URL

URL: https://shop.gamestar.de/gamestar-abo
Title: Abo-Shop

Search URL Search Domain Scan URL

URL: https://www.gamepro.de/
Title: GamePro

Search URL Search Domain Scan URL

URL: https://mein-mmo.de/
Title: Mein MMO

Search URL Search Domain Scan URL

URL: https://www.pietsmiet.de/
Title: PietSmiet

Search URL Search Domain Scan URL

URL: https://www.gtainside.com/news.php
Title: GTAinside

Search URL Search Domain Scan URL

URL: https://www.xboxdynasty.de/
Title: Xbox Dynasty

Search URL Search Domain Scan URL

URL: https://nintendo-online.de/
Title: Nintendo Online

Search URL Search Domain Scan URL

URL: https://shop.gamestar.de/gamestar-plus-das-plus-fuer-pc-gamer?source=plus-top-banner-content
Title: Wenn dir gute Spiele wichtig sind, brauchst du Plus. Jetzt beitreten

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/discord-client-turned-into-a-password-stealer-by-updated-malware/
Title: Bleepingcomputer

Search URL Search Domain Scan URL

URL: https://webedia-group.de/karriere/
Title: Karriere

Search URL Search Domain Scan URL

URL: https://webedia-group.de/
Title: Mediadaten

Search URL Search Domain Scan URL

URL: https://www.jointheallyance.de/
Title: allyance Network

Search URL Search Domain Scan URL

URL: https://www.jeuxvideo.com/
Title: Jeuxvideo.com

Search URL Search Domain Scan URL

URL: https://twitter.com/GameStar_de
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GameStar.de/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gamestar.de/?hl=de
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@gamestar
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.webedia-group.de/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.amp?__twitter_impression=true HTTP 301
https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://vg06.met.vgwort.de/na/d18d51fc79094e32812b0a2cfd9e474b HTTP 302
https://vg06.met.vgwort.de/blank.gif

97 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request discord-trojaner-malware,3358149.html Show response
www.gamestar.de/artikel/
Redirect Chain

https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.amp?__twitter_impression=true
https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

268 KB
66 KB

301ms
301ms

Document
text/html

2a03:7fc0:c000:1:185:12:50:67
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:67 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

0be1ae2251f892507e1f248247290408ffd9d1119ca178645362c792f5681c9a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: https://imasdk.googleapis.com
age: 0
cache-control: s-maxage=0, max-age=0, must-revalidate
cluster: C
content-encoding: gzip
content-security-policy: frame-ancestors 'self';
content-type: text/html;charset=UTF-8
date: Thu, 16 Jun 2022 02:29:55 GMT
server: nginx
vary: Accept-Encoding
x-cache: MISS (vrn-gsgp-live-cA-02)

Redirect headers

cluster: C
content-length: 178
content-type: text/html
date: Thu, 16 Jun 2022 02:29:55 GMT
location: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H2 200 gamestar.min.css
static.cgames.de/gs_cb/assets/css/ 335 KB
53 KB 216ms
20ms Stylesheet
text/css 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/css/gamestar.min.css?cc=310520220802

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

7be776692a9861a95cdb001d4d54a806b347ac79849a7b71e3f13447b29c0d79

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 06:02:24 GMT
server: nginx/1.10.3
age: 205
etag: "53af8-5e0488443eee8-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: text/css
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 53612

GET
H2 200 dark.min.css
static.cgames.de/gs_cb/assets/css/ 28 KB
5 KB 258ms
63ms Stylesheet
text/css 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/css/dark.min.css?cc=310520220802

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

a508ecd8b227dfdc60d1968e080292490ed668169293d88a1b71c4d2294f3004

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 06:02:24 GMT
server: nginx/1.10.3
age: 101
etag: "6f2f-5e048843c6538-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: text/css
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 4807

GET
H2 200 bxw3gkn.js Show response
use.typekit.net/ 18 KB
7 KB 185ms
14ms Script
text/javascript 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/bxw3gkn.js

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

33704f3cc03af4f860411c4a69a62af69563785688152f8614aba768f5f90e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.gamestar.de/
Origin: https://www.gamestar.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6888

GET
H2 200 gsgp-icons.ttf
static.cgames.de/gs_cb/assets/core/fonts/ 16 KB
17 KB 217ms
21ms Font
font/ttf 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/fonts/gsgp-icons.ttf?m4s8b0

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

a314d64316aa89a35438aa243fa11a9642654a159234eec8788eaeca44f6f967

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Referer: https://www.gamestar.de/
Origin: https://www.gamestar.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
last-modified: Thu, 21 Apr 2022 09:47:12 GMT
server: nginx/1.10.3
age: 92
etag: "4124-5dd26fe8e8435"
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: font/ttf
access-control-allow-origin: *
cache-control: s-maxage=0, max-age=0, must-revalidate
date: Thu, 16 Jun 2022 02:29:56 GMT
accept-ranges: bytes
content-length: 16676

GET
H2 200 jquery-3.6.0.min.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/jquery/ 87 KB
31 KB 256ms
60ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/jquery/jquery-3.6.0.min.js

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 09:42:03 GMT
server: nginx/1.10.3
age: 644
etag: "15d9d-5dfd2e2c03335-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=3600, max-age=3600
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 30902

GET
H2 200 discord-hack-malware_6101381.jpg
images.cgames.de/images/gamestar/290/ 66 KB
67 KB 51ms
40ms Image
image/jpeg 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.cgames.de/images/gamestar/290/discord-hack-malware_6101381.jpg
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: b23c912f881d3e4303a98e2b880fc8542aedec220f5a6b692cba104da4f044ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Sun, 22 May 2022 20:52:02 GMT
server: nginx/1.10.3
age: 0
x-cache: MISS (ent-vrn-img-02)
content-type: image/jpeg
cache-control: s-maxage=2592000, max-age=2592000
x-varnish: 325753018
accept-ranges: bytes
link: <http://images.cgames.de/images/gamestar/290/discord-hack-malware_6101381.jpg>; rel="canonical"
content-length: 67908
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wbd_dfp.4e7cae62.js Show response
www.gamestar.de/gs_cb/assets/core/js/libs/dfp/ 6 KB
3 KB 20ms
20ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:67
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gamestar.de/gs_cb/assets/core/js/libs/dfp/wbd_dfp.4e7cae62.js

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:67 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

8341f329c5e3265d21e8918982d4ce3c037159fd31e16b89619e55763fc422e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';, frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 07:53:28 GMT
cluster: C
age: 3201
etag: "19f4-5c7b19523dd71-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=3600, max-age=3600
content-security-policy: frame-ancestors 'self';, frame-ancestors 'self';
accept-ranges: bytes
content-length: 2534
server: nginx

GET
H2 200 bundle.js Show response
data-c53e1346fa.gamestar.de/iomm/latest/manager/base/es6/ 59 KB
19 KB 85ms
22ms Script
application/javascript 91.215.100.74
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://data-c53e1346fa.gamestar.de/iomm/latest/manager/base/es6/bundle.js
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.215.100.74 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 07cdeb3496c0222a09ec5a8bc0772b5a57f35fae5219a7d801c64f62007665db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:55 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 10:37:43 GMT
server: nginx
etag: W/"61e546f7-eccc"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

GET
H2 200 loader.js Show response
data-c53e1346fa.gamestar.de/iomm/latest/bootstrap/ 497 B
677 B 90ms
27ms Script
application/javascript 91.215.100.74
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://data-c53e1346fa.gamestar.de/iomm/latest/bootstrap/loader.js
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.215.100.74 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: aff5c0d375532e7593481c1e4bc96b128eb5c2fd53c6992f095588555dbfc7ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:55 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 10:37:44 GMT
server: nginx
etag: W/"61e546f8-1f1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

GET
H2 200 loader.js Show response
sdk.privacy-center.org/969f779f-570e-47ae-af54-36b8692b345e/ 33 KB
12 KB 46ms
9ms Script
application/javascript 2600:9000:2156:8600:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/969f779f-570e-47ae-af54-36b8692b345e/loader.js?target=www.gamestar.de
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 6e764e78af6839341ec5e5019ef8dc89aa4f7ad5aaa7ccbfcebb39850ec0e1d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:10:41 GMT
content-encoding: gzip
x-didomi-remote-config-source: Dynamo
server: CloudFront
age: 1159
etag: "d54e534df9af7178a089c3c8bc3c8295"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
x-amz-cf-pop: FRA50-C1
content-length: 11532
x-amz-cf-id: 2h4jAsQ6k1rpJCw7Bg20ik8PUgnjtVV1nCVHf_mc81So6qbWyCPHtQ==

GET
H2 200 DE_Gamestar Show response
cdn.lib.getjad.io/library/35853227/ 491 KB
107 KB 91ms
30ms Script
application/javascript 2606:4700:4400::6812:2194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lib.getjad.io/library/35853227/DE_Gamestar
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f2d849617a74f5d6f81dc6e37c9b87f09b9b3479f3bd37050f4bc5b58a3842f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Jun 2022 09:30:43 GMT
server: cloudflare
age: 3062
etag: W/"7aa79-5e1792cd77f25-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-max-age=3600, stale-while-revalidate=3600, stale-if-error=7200
cf-ray: 71c01ee24e800221-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 16 Jun 2022 02:35:01 GMT

GET
H2 200 unslider.css
static.cgames.de/gs_cb/assets/core/js/libs/unslider/dist/css/ 573 B
594 B 221ms
61ms Stylesheet
text/css 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/unslider/dist/css/unslider.css?cc=310520220802

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

a0b779ad590272d25a6b625b33f3d117b71ab8b77efa8266cf2ebcd90bd76764

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 06:08:17 GMT
server: nginx/1.10.3
age: 213
etag: "23d-5bc0edc6dd7ad-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: text/css
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 262

GET
H2 200 rpi.bundle.css
static.cgames.de/gs_cb/assets/core/js/libs/reading-position-indicator/dist/ 708 B
674 B 221ms
62ms Stylesheet
text/css 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/reading-position-indicator/dist/rpi.bundle.css?cc=310520220802

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

da0e46fc532483472f5a5e68237f169e3fa1e0f7210e19e57272a474e8e2869b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 05:28:35 GMT
server: nginx/1.10.3
age: 245
etag: "2c4-5d55bd75f1b53-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: text/css
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 341

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 59ms
22ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray: 71c01ee22adf01db-ZRH
date: Thu, 16 Jun 2022 02:29:56 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1725
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 19 Jun 2022 02:29:56 GMT

GET
H/1.1 200
OK webpush.min.js Show response
cdn.promio-connect.com/ 5 KB
2 KB 60ms
9ms Script
text/javascript 217.115.153.216
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.promio-connect.com/webpush.min.js
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.115.153.216 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS: srv16.mailer-service.de
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 483cf1dfa3c340a91edc49e718c51c908cc3d928544189234a9d471fe013ac8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 02:29:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Jun 2021 09:32:58 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "320fc6-1523-5c5e44aa37240"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=7200
Connection: close
Accept-Ranges: bytes
Content-Length: 1684
Expires: Thu, 16 Jun 2022 04:29:56 GMT

GET
H2 200 GS_logo_white.svg
static.cgames.de/gs_cb/assets/core/images/ 7 KB
8 KB 23ms
19ms Image
image/svg+xml 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.cgames.de/gs_cb/assets/core/images/GS_logo_white.svg

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

aac67f53ffe6a61622c6953f37ba2f2b9fab081c60b610b5f876d61e9607e838

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
last-modified: Thu, 01 Jul 2021 09:51:42 GMT
server: nginx/1.10.3
age: 86
etag: "1dfd-5c60cc949fb69"
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: image/svg+xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
date: Thu, 16 Jun 2022 02:29:56 GMT
accept-ranges: bytes
content-length: 7677

GET
H2 200 gs_shop_logo.svg
www.gamestar.de/img/plus/ 4 KB
2 KB 24ms
19ms Image
image/svg+xml 2a03:7fc0:c000:1:185:12:50:67
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gamestar.de/img/plus/gs_shop_logo.svg

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:67 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

5de2f9674b2f039b6eb2281527cf19fe63e4249610312b4622f3ff67b9b527bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2017 21:59:50 GMT
cluster: C
age: 122
etag: W/"e41-550b0ce608b0e"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: image/svg+xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
server: nginx

GET
H2 200 gsp_plus_logo_white.svg
www.gamestar.de/img/plus/ 3 KB
1 KB 24ms
20ms Image
image/svg+xml 2a03:7fc0:c000:1:185:12:50:67
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gamestar.de/img/plus/gsp_plus_logo_white.svg

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:67 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

ccc50aff4f14b31e92d031e24899a1b7bc2129b8d1bd46263a1ff4f75a4f50db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2017 21:59:50 GMT
cluster: C
age: 80
etag: W/"a51-550b0ce6092de"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: image/svg+xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
server: nginx

GET
H2 200 gsp_plus_logo_green.svg
www.gamestar.de/img/plus/ 3 KB
1 KB 24ms
20ms Image
image/svg+xml 2a03:7fc0:c000:1:185:12:50:67
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gamestar.de/img/plus/gsp_plus_logo_green.svg

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:67 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

6c86c25a6f7739b6c0552bc79b046e79ce7a8eba5e8ef48bc82519dd9ee0b8fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2017 21:59:50 GMT
cluster: C
age: 246
etag: W/"a54-550b0ce608ef6"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: image/svg+xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
server: nginx

GET
H2 200 -gamestar-plus-banner-3-monate-gutschein-mobile-hell_6167110.jpg
images.cgames.de/images/gamestar/4/ 10 KB
10 KB 23ms
19ms Image
image/jpeg 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.cgames.de/images/gamestar/4/-gamestar-plus-banner-3-monate-gutschein-mobile-hell_6167110.jpg
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 6f772fa2d85534cb7b2efd2863c2b53bf28aa68c33a97e75619acf395257313e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Sun, 24 Apr 2022 15:29:58 GMT
server: nginx/1.10.3
age: 1957247
x-cache: HIT (ent-vrn-img-02)
content-type: image/jpeg
cache-control: s-maxage=2592000, max-age=2592000
x-varnish: 367532019 894567304
accept-ranges: bytes
link: <http://images.cgames.de/images/gamestar/4/-gamestar-plus-banner-3-monate-gutschein-mobile-hell_6167110.jpg>; rel="canonical"
content-length: 9743
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gamestar-plus-banner-3-monate-holen-gutschein-desktop-hell_6181063.jpg
images.cgames.de/images/gamestar/4/ 23 KB
23 KB 40ms
36ms Image
image/jpeg 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.cgames.de/images/gamestar/4/gamestar-plus-banner-3-monate-holen-gutschein-desktop-hell_6181063.jpg
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 908c2148dad0354b5f515e70a6c2531b7fdc45b92d1d10cad8aa5d3b41228865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 24 May 2022 09:45:54 GMT
server: nginx/1.10.3
age: 1961042
x-cache: MISS (ent-vrn-img-02)
content-type: image/jpeg
cache-control: s-maxage=2592000, max-age=2592000
x-varnish: 326815581 848898338
accept-ranges: bytes
link: <http://images.cgames.de/images/gamestar/4/gamestar-plus-banner-3-monate-holen-gutschein-desktop-hell_6181063.jpg>; rel="canonical"
content-length: 23119
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 -gamestar-plus-banner-3-monate-gutschein-mobile-dunkel_6167109.jpg
images.cgames.de/images/gamestar/4/ 10 KB
10 KB 24ms
21ms Image
image/jpeg 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.cgames.de/images/gamestar/4/-gamestar-plus-banner-3-monate-gutschein-mobile-dunkel_6167109.jpg
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 148bae55105a8559a1fb734b54e94a7c88372c588449c1ca5e03c9f0e35912f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Sun, 24 Apr 2022 13:55:23 GMT
server: nginx/1.10.3
age: 1962833
x-cache: HIT (ent-vrn-img-02)
content-type: image/jpeg
cache-control: s-maxage=2592000, max-age=2592000
x-varnish: 367825535 891962044
accept-ranges: bytes
link: <http://images.cgames.de/images/gamestar/4/-gamestar-plus-banner-3-monate-gutschein-mobile-dunkel_6167109.jpg>; rel="canonical"
content-length: 9780
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gamestar-plus-banner-3-monate-holen-gutschein-desktop-dunkel_6181064.jpg
images.cgames.de/images/gamestar/4/ 22 KB
22 KB 33ms
30ms Image
image/jpeg 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.cgames.de/images/gamestar/4/gamestar-plus-banner-3-monate-holen-gutschein-desktop-dunkel_6181064.jpg
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 1419cef1fc553eec7b47443ab82fc0d5e54d6c002d361c7e05af63dad5def312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 24 May 2022 09:45:52 GMT
server: nginx/1.10.3
age: 1961043
x-cache: HIT (ent-vrn-img-02)
content-type: image/jpeg
cache-control: s-maxage=2592000, max-age=2592000
x-varnish: 325753021 849329314
accept-ranges: bytes
link: <http://images.cgames.de/images/gamestar/4/gamestar-plus-banner-3-monate-holen-gutschein-desktop-dunkel_6181064.jpg>; rel="canonical"
content-length: 22519
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

blank.gif
vg06.met.vgwort.de/
Redirect Chain

https://vg06.met.vgwort.de/na/d18d51fc79094e32812b0a2cfd9e474b
https://vg06.met.vgwort.de/blank.gif

43 B
306 B

12ms
12ms

Image
image/gif

161.156.47.59
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vg06.met.vgwort.de/blank.gif
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: HTTP/1.1
Server: 161.156.47.59 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 3b.2f.9ca1.ip4.static.sl-reverse.com
Software: keen /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Jun 2022 02:29:56 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: keen
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Thu, 16 Jun 2022 02:29:56 GMT
Last-Modified: Thu, 16 Jun 2022 02:29:56 GMT
Server: keen
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Content-Type: text/html
Location: /blank.gif
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Tue, 22 Aug 2000 15:05:01 GMT

GET
H2 200 favicon.svg
www.gamestar.de/gs_cb/assets/images/favicon/ 1 KB
958 B 24ms
20ms Image
image/svg+xml 2a03:7fc0:c000:1:185:12:50:67
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gamestar.de/gs_cb/assets/images/favicon/favicon.svg

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:67 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

1e8f6cd5b34980efef08a5574b5da23c4e4960d93506775b4bb868e8e10ebe1e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';, frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 11:44:18 GMT
cluster: C
age: 172
etag: W/"50f-5ae3f0a162453"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: image/svg+xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';, frame-ancestors 'self';
server: nginx

GET
H2 200 webedia_logo_dark.svg
static.cgames.de/gs_cb/assets/core/images/ 6 KB
7 KB 41ms
38ms Image
image/svg+xml 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.cgames.de/gs_cb/assets/core/images/webedia_logo_dark.svg

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

9f63dd498e3f6e7528ea69ed764fe08432a751382746f5f1117898bfea28e1fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
last-modified: Wed, 25 May 2022 09:42:03 GMT
server: nginx/1.10.3
age: 244
etag: "19c3-5dfd2e2c0045f"
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: image/svg+xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
date: Thu, 16 Jun 2022 02:29:56 GMT
accept-ranges: bytes
content-length: 6595

GET
H2 200 typeahead.bundle.min.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/typeahead/ 39 KB
12 KB 39ms
36ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/typeahead/typeahead.bundle.min.js?cc=310520220802

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

456894e2899453bb50d8cdf099140d5bd50be74301e02b9c6d13c26ec42ff97d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 06:08:17 GMT
server: nginx/1.10.3
age: 109
etag: "9b45-5bc0edc6da8d0-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 11537

GET
H2 200 jquery.waypoints.min.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/waypoints/ 9 KB
3 KB 41ms
38ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/waypoints/jquery.waypoints.min.js?cc=310520220802

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 06:08:17 GMT
server: nginx/1.10.3
age: 286
etag: "2281-5bc0edc6e4506-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 2698

GET
H2 200 jquery.validate.min.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/jquery/ 21 KB
7 KB 40ms
37ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/jquery/jquery.validate.min.js?cc=310520220802

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

c2e2bb0b6070315a55bb04a3b8e78b4882c920b31f45058c625b17938305136b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 06:08:16 GMT
server: nginx/1.10.3
age: 244
etag: "524e-5bc0edc6271b7-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 6367

GET
H2 200 velocity.min.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/ 34 KB
13 KB 40ms
38ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/velocity.min.js

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

bf0576b87978f24f743e2c5191296d4b1c7eff84bc5e17af5c2ae96a22531abf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 06:08:17 GMT
server: nginx/1.10.3
age: 3420
etag: "88eb-5bc0edc6e356a-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=3600, max-age=3600
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 12484

GET
H2 200 jquery.event.move.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/jquery/ 14 KB
4 KB 39ms
37ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/jquery/jquery.event.move.js

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

99e5c1acabc069482cebd649fbf00052363f2b735d3cc409b30280513631a975

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 06:08:16 GMT
server: nginx/1.10.3
age: 3424
etag: "3680-5bc0edc625e29-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=3600, max-age=3600
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 4169

GET
H2 200 jquery.event.swipe.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/jquery/ 3 KB
1 KB 40ms
38ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/jquery/jquery.event.swipe.js

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

2e11dab3cfc05ecc63598d96f74d91ee015bc2636a28b12fc0a4e465f717fca6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 06:08:16 GMT
server: nginx/1.10.3
age: 3452
etag: "d6d-5bc0edc626217-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=3600, max-age=3600
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 1190

GET
H2 200 unslider-min.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/unslider/dist/js/ 6 KB
3 KB 40ms
37ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/unslider/dist/js/unslider-min.js

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

68ccb3e710e9f83015617a055d3c3aa203cc60e872f128665869dd9a69ade0c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 06:08:17 GMT
server: nginx/1.10.3
age: 3485
etag: "1753-5bc0edc6ddf7d-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=3600, max-age=3600
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 2217

GET
H2 200 ResizeSensor.min.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/theia-sticky-sidebar/js/ 2 KB
1 KB 45ms
43ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/theia-sticky-sidebar/js/ResizeSensor.min.js

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

8f8078d5fa79042c80aff9ac50f962fca0a2461febc620b567e38fff39ddc182

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 06:08:16 GMT
server: nginx/1.10.3
age: 3450
etag: "8ec-5bc0edc62b41a-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=3600, max-age=3600
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 970

GET
H2 200 theia-sticky-sidebar.min.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/theia-sticky-sidebar/js/ 5 KB
2 KB 42ms
40ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/theia-sticky-sidebar/js/theia-sticky-sidebar.min.js

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 06:08:16 GMT
server: nginx/1.10.3
age: 3360
etag: "1535-5bc0edc62db27-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=3600, max-age=3600
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 1775

GET
H2 200 gamestar.min.js Show response
static.cgames.de/gs_cb/assets/js/ 80 KB
22 KB 46ms
44ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/js/gamestar.min.js?cc=310520220802

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

ef9f36dcdecc70bc43a7a3664704caefcab9863437e4876a4c536f4394ab7490

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 06:02:31 GMT
server: nginx/1.10.3
age: 230
etag: "13e01-5e04884add7bd-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 22096

GET
H2 200 bootstrap.min.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/bootstrap/ 44 KB
12 KB 43ms
41ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/bootstrap/bootstrap.min.js?cc=310520220802

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

fa541300b31b0e8d3ad43d929140081ddb8faf69b67453bed1284edc385d1af5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 06:08:16 GMT
server: nginx/1.10.3
age: 286
etag: "ae45-5bc0edc60fab2-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 11450

GET
H2 200 rpi.bundle.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/reading-position-indicator/dist/ 8 KB
3 KB 45ms
44ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/reading-position-indicator/dist/rpi.bundle.js?cc=310520220802

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

9ad86ff87106de335daefb0323634d59fb3e87b1fd0a925e6234c1dc690c02ad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 05:22:44 GMT
server: nginx/1.10.3
age: 282
etag: "1e87-5d675643263f7-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 2375

GET
H2 200 adblockDetection.min.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/ 7 KB
3 KB 44ms
43ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/adblockDetection.min.js

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

4e6c5923978ac1b71812913f37d275c1f79fb0f3ac2a37391c9e33e16161d9b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 06:02:23 GMT
server: nginx/1.10.3
age: 552
etag: "1b1f-5e048842f6eef-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=3600, max-age=3600
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 2581

GET
H2 200 bxw3gkn.js Show response
use.typekit.net/ 18 KB
7 KB 60ms
13ms Script
text/javascript 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/bxw3gkn.js

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

33704f3cc03af4f860411c4a69a62af69563785688152f8614aba768f5f90e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6888

GET
H2 200 bundle.js Show response
data-c53e1346fa.gamestar.de/iomb/latest/sensor/manager/base/es6/ 34 KB
13 KB 44ms
22ms Script
application/javascript 91.215.100.74
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://data-c53e1346fa.gamestar.de/iomb/latest/sensor/manager/base/es6/bundle.js
Requested by: Host: data-c53e1346fa.gamestar.de
URL: https://data-c53e1346fa.gamestar.de/iomm/latest/manager/base/es6/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.215.100.74 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 83056c1e74b8e9f2d34a5ef28be62c63f1e256bd2408687ae1ee0db20752fb59

Request headers

Referer: https://www.gamestar.de/
Origin: https://www.gamestar.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 10:16:31 GMT
server: nginx
etag: W/"61e541ff-88a9"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.gamestar.de
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

GET
H2 200 GS_logo_pride2022.svg
static.cgames.de/gs_cb/assets/core/images/ 5 KB
5 KB 38ms
37ms Image
image/svg+xml 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.cgames.de/gs_cb/assets/core/images/GS_logo_pride2022.svg

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

879710092c0e3b18809d32cf10b6d77f2d32558b33f742792d77e8b1b39c0dea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
last-modified: Wed, 25 May 2022 06:49:26 GMT
server: nginx/1.10.3
age: 246
etag: "1331-5dfd0796b7a7a"
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: image/svg+xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
date: Thu, 16 Jun 2022 02:29:56 GMT
accept-ranges: bytes
content-length: 4913

GET
H2 200 fyng-summer-2022-menu-desktop.png
static.cgames.de/img/aktionen/ 8 KB
8 KB 19ms
19ms Image
image/png 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cgames.de/img/aktionen/fyng-summer-2022-menu-desktop.png
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 9cfe6feace4f60e1967056b21754b81526bc9960231f9aafc7d92e75db60117c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
last-modified: Thu, 02 Jun 2022 10:53:58 GMT
server: nginx/1.10.3
age: 2785
etag: "1f65-5e074d2a34044"
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: image/png
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=2592000, max-age=2592000
accept-ranges: bytes
content-length: 8037

GET
DATA 200
OK truncated
/ 375 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5bb69ab612d17c869650291fc20687bc70d0f0f408b2439b04bbd07b3818759

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sdk.71b1c6dba66d36e6654d09b4153c62473904cb88.js Show response
sdk.privacy-center.org/ 391 KB
87 KB 7ms
7ms Script
application/javascript 2600:9000:2156:8600:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk.71b1c6dba66d36e6654d09b4153c62473904cb88.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/969f779f-570e-47ae-af54-36b8692b345e/loader.js?target=www.gamestar.de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcca3eb133a9bdbcabd1688800dd0938171b30917c905860965e81d17edfd1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Jun 2022 12:10:30 GMT
content-encoding: gzip
last-modified: Mon, 13 Jun 2022 12:06:10 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1655121716/ctime:1655121716/gid:0/gname:root/md5:18a0e1cf8db2659cb4b5c6cf575ea227/mode:33188/mtime:1655121716/uid:0/uname:root
age: 224366
etag: W/"18a0e1cf8db2659cb4b5c6cf575ea227"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: N-F0qZeITpbiyYSVqSl0_SbNjxkdWUUiXmKpawa3eSmd8DoRZAhUIA==

GET
H2 200 /
toolbox.webediagaming.de/fyng-summer-2022-action-widget/ Frame 21B0 0
0 106ms
38ms Document
text/html 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gamestar.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 206
content-encoding: gzip
content-length: 14399
content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-type: text/html; charset=UTF-8
date: Thu, 16 Jun 2022 02:29:56 GMT
link: <https://toolbox.webediagaming.de/?p=8405>; rel=shortlink
server: nginx
strict-transport-security: max-age=0
vary: Accept-Encoding
via: 1.1 varnish (Varnish/5.1)
x-cache: HIT (vrn-toolbox-live-02)
x-content-type-options: nosniff
x-pingback: https://toolbox.webediagaming.de/xmlrpc.php
x-varnish: 139513850 139633273
x-wgm-wp: Have a smoke!

POST
H2 200 base.io Show response
data-c53e1346fa.gamestar.de/ 0
333 B 12ms
12ms XHR
text/html 91.215.100.74
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://data-c53e1346fa.gamestar.de/base.io
Requested by: Host: data-c53e1346fa.gamestar.de
URL: https://data-c53e1346fa.gamestar.de/iomb/latest/sensor/manager/base/es6/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.215.100.74 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gamestar.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.gamestar.de
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

OPTIONS
H2 204 base.io
data-c53e1346fa.gamestar.de/ Frame 0
0 11ms
11ms Preflight 91.215.100.74
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://data-c53e1346fa.gamestar.de/base.io
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.215.100.74 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gamestar.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.gamestar.de
access-control-max-age: 1728000
date: Thu, 16 Jun 2022 02:29:56 GMT
server: nginx
vary: Origin

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 25ms
24ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray: 71c01ee2ab3001db-ZRH
date: Thu, 16 Jun 2022 02:29:56 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1687
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 19 Jun 2022 02:29:56 GMT

GET
H2 200 l
use.typekit.net/af/bdde80/00000000000000000001522d/27/ 26 KB
27 KB 14ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/bdde80/00000000000000000001522d/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 49fe23339cdb9ef46b3e27d405b7dc8ee44c53c2678d9228b710c383f0ef427c

Request headers

Referer: https://www.gamestar.de/
Origin: https://www.gamestar.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
server: nginx
etag: "130e04dea4e596a52f494a95b6a2ec8040d55789"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27008

GET
H2 200 l
use.typekit.net/af/220823/000000000000000000015231/27/ 26 KB
26 KB 15ms
14ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/220823/000000000000000000015231/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: eec62cb204dddbd71f19fe41f6f83588dafbc619df65da7f350a13a2ae50d992

Request headers

Referer: https://www.gamestar.de/
Origin: https://www.gamestar.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
server: nginx
etag: "00d44c09172f5031f3cf580788fa274fe23b9e8b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26180

GET
H2 200 l
use.typekit.net/af/180254/00000000000000000001522c/27/ 26 KB
26 KB 16ms
15ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/180254/00000000000000000001522c/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fb7238a43d12d8c6c8e5be18fce5569a7941caa2a7fc6f3d4843330cb541a3c1

Request headers

Referer: https://www.gamestar.de/
Origin: https://www.gamestar.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
server: nginx
etag: "15d179ff3908aee1f4518d2511464d8a0434d5b2"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26508

GET
H2 200 l
use.typekit.net/af/5d2da8/00000000000000007735a1ac/30/ 20 KB
21 KB 27ms
26ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5d2da8/00000000000000007735a1ac/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a4515b66fa871c93188710a6741dbbf3c0fff1234ba80bdd7f92312891882e2b

Request headers

Referer: https://www.gamestar.de/
Origin: https://www.gamestar.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
server: nginx
etag: "3d133657a4d7d85aac1e83f84574542f9e34edaa"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20924

GET
H2 200 l
use.typekit.net/af/3ec29d/00000000000000007735a1b1/30/ 20 KB
20 KB 28ms
27ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3ec29d/00000000000000007735a1b1/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1d8010388ede8cd0b15f18e7386df47437ca85f877609c3a487be15b74c0ea82

Request headers

Referer: https://www.gamestar.de/
Origin: https://www.gamestar.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
server: nginx
etag: "ce6e8f776102ebc60c8d5efba73be47678fe3328"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20420

GET
H2 200 l
use.typekit.net/af/fd801b/00000000000000007735a1b6/30/ 20 KB
21 KB 29ms
28ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/fd801b/00000000000000007735a1b6/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n6&v=3
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: dde59a1158acd883021cd7f60b1f3fcd802df9698a6844a300a2f57827079cf7

Request headers

Referer: https://www.gamestar.de/
Origin: https://www.gamestar.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
server: nginx
etag: "873c6d7616e79bfda0293c56195a634f3c3f728b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20912

GET
H2 200 l
use.typekit.net/af/0aef7c/00000000000000007735b208/30/ 28 KB
29 KB 36ms
36ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0aef7c/00000000000000007735b208/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6308abda1d73e4146e91ff6a38314ecb9310458c3e6970919789b4d12bcd075f

Request headers

Referer: https://www.gamestar.de/
Origin: https://www.gamestar.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
server: nginx
etag: "4720702e7eac74efc6bf19f26017a72c447e9154"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29004

GET
H2 200 lazysizes-intersection.js Show response
static.cgames.de/gs_cb/assets/core/js/libs/ 12 KB
4 KB 20ms
20ms Script
application/javascript 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cgames.de/gs_cb/assets/core/js/libs/lazysizes-intersection.js?cc=310520220802

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

e69f06b2ba5f100b1a6dfe78097c4bdea2bcd31f46821bc06c4accb7278aab86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 06:08:16 GMT
server: nginx/1.10.3
age: 279
etag: "3161-5bc0edc6275a5-gzip"
vary: Accept-Encoding
x-cache: HIT (vrn-gsgp-live-cA-02)
content-type: application/javascript
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 3720

GET
H2 200 fyng-summer-2022-menu-mobile.png
static.cgames.de/img/aktionen/ 27 KB
27 KB 19ms
19ms Image
image/png 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cgames.de/img/aktionen/fyng-summer-2022-menu-mobile.png
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 45faa97390d3aebb8b82762439ec79868d5b1af5324cf799bbaff1d168d18554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
last-modified: Thu, 02 Jun 2022 10:53:56 GMT
server: nginx/1.10.3
age: 2812
etag: "6b0b-5e074d286abd0"
x-cache: HIT (vrn-gsgp-live-cA-01)
content-type: image/png
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=2592000, max-age=2592000
accept-ranges: bytes
content-length: 27403

GET
H3 200 me Show response
cdn.lib.getjad.io/geoloc/ 41 B
267 B 36ms
21ms XHR
application/json 2606:4700:4400::6812:2194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lib.getjad.io/geoloc/me
Requested by: Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/35853227/DE_Gamestar
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 972cdfb37cc4e59d9bb377f5999604412eb749e553c344132f863aa93f11c1f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 71c01ee35f25021d-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41

GET
H2 200 3432c9457f9b617b6bb76b50daec76f2e2606fc709055f8dafd9923112c63fea Show response
scripts.webcontentassessor.com/scripts/ 258 KB
55 KB 48ms
6ms Script
application/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/3432c9457f9b617b6bb76b50daec76f2e2606fc709055f8dafd9923112c63fea
Requested by: Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/35853227/DE_Gamestar
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 316f29bc0b1ffd3bf307ef2c3a016063fdf040cba5ad21d0b7c41c677a9768b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: gzip
age: 2875
x-cache: HIT
content-length: 55842
x-amz-id-2: iBpkBKw+xMgEdOT6z/8CxzKv79AgWpR0eVrgfBo7CmSBMr9kwK/FmXU3lWUiMalzLnQ71W+oTqQ=
x-served-by: cache-hhn4058-HHN
last-modified: Thu, 16 Jun 2022 01:28:34 GMT
server: AmazonS3
x-timer: S1655346596.398660,VS0,VE0
etag: "124a260b14cfbba221719a661b179d3b"
vary: Accept-Encoding
x-amz-request-id: 7E699H2EHSJVFNV7
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 23

GET
H3 200 35853227 Show response
cdn.lib.getjad.io/prebid/ 325 KB
325 KB 34ms
21ms Script
text/plain 2606:4700:4400::6812:2194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lib.getjad.io/prebid/35853227
Requested by: Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/35853227/DE_Gamestar
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b3d0e841133721db21efd0c2957cc2b703ddba1798b1b08562acb875447d736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
cf-cache-status: HIT
last-modified: Mon, 30 May 2022 09:30:04 GMT
server: cloudflare
age: 2249
etag: "5122e-5e0374d1ab080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=3600, s-max-age=3600, stale-while-revalidate=3600, stale-if-error=7200
accept-ranges: bytes
cf-ray: 71c01ee35fe201eb-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 332334
expires: Thu, 16 Jun 2022 02:25:03 GMT

GET
H2 200 60df9efc764c4fb7375d9be0.js Show response
webedia-de-cdn.relevant-digital.com/static/tags/ 47 KB
12 KB 253ms
12ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://webedia-de-cdn.relevant-digital.com/static/tags/60df9efc764c4fb7375d9be0.js
Requested by: Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/35853227/DE_Gamestar
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / Express
Resource Hash: 37a602fad46b3b1828c352ed1dd2bebffbf912bf5eb37b7319ab23a92239de8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: br
x-77-nzt-ray: pGvxeJv/ml8
x-powered-by: Express
x-77-cache: HIT
x-cache: HIT
x-age: 149896
x-77-nzt: Abk73BB6Hxv/iEkCAA
x-accel-expires: @1681116700
last-modified: Tue, 14 Jun 2022 08:50:51 GMT
server: CDN77-Turbo
etag: W/"bd29-18161688fc6"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: s-maxage=25920000, max-age=0

GET
H3 200 d5.json Show response
cdn.lib.getjad.io/restrictedurl/90/8d/56/19/f7/74/52/c5/d7/b4/75/fb/f5/3e/9a/ 555 B
684 B 55ms
44ms XHR
application/json 2606:4700:4400::6812:2194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lib.getjad.io/restrictedurl/90/8d/56/19/f7/74/52/c5/d7/b4/75/fb/f5/3e/9a/d5.json
Requested by: Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/35853227/DE_Gamestar
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b892e0edca76867f9946a62be4662d8c39942e6c073a906dee80b5bd1f73e456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Jun 2022 08:30:50 GMT
server: cloudflare
etag: W/"22b-5e17856b6327d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600, s-max-age=3600, stale-while-revalidate=3600, stale-if-error=7200
cf-ray: 71c01ee35f26021d-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 16 Jun 2022 03:27:56 GMT

GET
H2 200 index.cfm Show response
www.gamestar.de/gs_cb/ 13 B
269 B 54ms
53ms XHR
application/json 2a03:7fc0:c000:1:185:12:50:67
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gamestar.de/gs_cb/index.cfm?event=content%3Aajax.view&id=3358149&type=10&page=1&r=88151.20575779947

Requested by

Host: static.cgames.de
URL: https://static.cgames.de/gs_cb/assets/core/js/libs/jquery/jquery-3.6.0.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:67 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

39b77d20d4feeface12c69506e8217816f78f9f41ac3e5424309b6c6f40c74a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
cluster: C
age: 0
x-cache: MISS (vrn-gsgp-live-cA-02)
content-type: application/json;charset=utf-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 13
server: nginx

GET /
toolbox.webediagaming.de/fyng-summer-2022-action-widget/ Frame 21B0 0
0

GET
H2 200 / Show response
toolbox.webediagaming.de/fyng-summer-2022-action-widget/ Frame 99DA 86 KB
15 KB 20ms
20ms Document
text/html 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Requested by

Host: static.cgames.de
URL: https://static.cgames.de/gs_cb/assets/core/js/libs/jquery/jquery-3.6.0.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

cfd0e34d683a11d3431226903e938f9516038e0ab26f01c2f819834bf56c3781

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gamestar.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 206
content-encoding: gzip
content-length: 14399
content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-type: text/html; charset=UTF-8
date: Thu, 16 Jun 2022 02:29:56 GMT
link: <https://toolbox.webediagaming.de/?p=8405>; rel=shortlink
server: nginx
strict-transport-security: max-age=0
vary: Accept-Encoding
via: 1.1 varnish (Varnish/5.1)
x-cache: HIT (vrn-toolbox-live-02)
x-content-type-options: nosniff
x-pingback: https://toolbox.webediagaming.de/xmlrpc.php
x-varnish: 139513851 139633273
x-wgm-wp: Have a smoke!

GET
H2 200 ui-gdpr-de.71b1c6dba66d36e6654d09b4153c62473904cb88.js Show response
sdk.privacy-center.org/ 273 KB
56 KB 7ms
7ms Script
application/javascript 2600:9000:2156:8600:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/ui-gdpr-de.71b1c6dba66d36e6654d09b4153c62473904cb88.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.71b1c6dba66d36e6654d09b4153c62473904cb88.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eef09b821740b4f2c6b66fb9b0e509a9b5c37e3d5a5ca8fab31e563dba7e08e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Jun 2022 12:10:31 GMT
content-encoding: gzip
last-modified: Mon, 13 Jun 2022 12:06:17 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1655121716/ctime:1655121716/gid:0/gname:root/md5:c26ec90338281083b1b767f208a880f8/mode:33188/mtime:1655121716/uid:0/uname:root
age: 224366
etag: W/"c26ec90338281083b1b767f208a880f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Xah1QEAF8nISxPW8ZEh81w7AKWyjPvFYesy-szi7xvoNuNKRszOLUw==

GET
H2 200 index.cfm Show response
www.gamestar.de/gs_cb/ 3 B
258 B 29ms
29ms XHR
application/json 2a03:7fc0:c000:1:185:12:50:67
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gamestar.de/gs_cb/index.cfm?event=content:ajax.siteSearchSuggest

Requested by

Host: static.cgames.de
URL: https://static.cgames.de/gs_cb/assets/core/js/libs/jquery/jquery-3.6.0.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:67 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
cluster: C
age: 0
x-cache: MISS (vrn-gsgp-live-cA-01)
content-type: application/json;charset=utf-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: s-maxage=0, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 3
server: nginx

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 90ms
13ms Image
image/gif 2a02:26f0:f7::5c7b:e01b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=bxw3gkn&ht=tk&h=www.gamestar.de&f=15701.15705.15708.17001.17005.17006.29002&a=699962&js=1.21.0&app=typekit&e=js&_=1655346596507
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e01b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 web Show response
onesignal.com/api/v1/sync/44ab1890-839e-48ae-886b-5930be6085d7/ 3 KB
2 KB 25ms
18ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/44ab1890-839e-48ae-886b-5930be6085d7/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1f685418435cbe472eac9bd3144bf9a6885305cffe1e8f871291bec70959ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 244
cf-polished: origSize=3294
status: 200 OK
x-envoy-upstream-service-time: 28
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f9471b4f-3727-4807-b2b5-1f14f0e85ac3
x-runtime: 0.026729
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"32a7702f7009927009888664a859f8b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 71c01ee48c0a01db-ZRH
access-control-allow-headers: SDK-Version
expires: Thu, 16 Jun 2022 03:29:56 GMT

GET
H2 200 style.min.css
toolbox.webediagaming.de/wp-includes/css/dist/block-library/ Frame 99DA 81 KB
11 KB 20ms
19ms Stylesheet
text/css 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 10256
x-cache: HIT (vrn-toolbox-live-01)
vary: Accept-Encoding
content-length: 11204
etag: "624d315d-145db"
last-modified: Wed, 06 Apr 2022 06:21:17 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 537057748 617675448
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: text/css
expires: Wed, 29 Jun 2022 23:39:00 GMT

GET
H2 200 wpforms-full.min.css
toolbox.webediagaming.de/wp-content/plugins/wpforms/assets/css/ Frame 99DA 39 KB
6 KB 21ms
20ms Stylesheet
text/css 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-content/plugins/wpforms/assets/css/wpforms-full.min.css?ver=1.7.4.2

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

f11881a89ad5ebdbfe75b6a82c4f1359bef968b54a8e006b0b677688ecfeb581

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 18033
x-cache: HIT (vrn-toolbox-live-02)
vary: Accept-Encoding
content-length: 5480
etag: "6295a53d-9be9"
last-modified: Tue, 31 May 2022 05:18:53 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 139886661 139278314
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: text/css
expires: Wed, 29 Jun 2022 21:29:22 GMT

GET
H2 200 polls-css.css
toolbox.webediagaming.de/wp-content/plugins/wp-polls/ Frame 99DA 3 KB
1 KB 20ms
19ms Stylesheet
text/css 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-content/plugins/wp-polls/polls-css.css?ver=2.76.0

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 18220
x-cache: HIT (vrn-toolbox-live-01)
vary: Accept-Encoding
content-length: 723
etag: "6295a4ae-a94"
last-modified: Tue, 31 May 2022 05:16:30 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 537057749 618407818
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: text/css
expires: Wed, 29 Jun 2022 21:26:16 GMT

GET
H2 200 animate.css
toolbox.webediagaming.de/wp-content/plugins/wp-quiz-pro/assets/frontend/css/ Frame 99DA 73 KB
5 KB 22ms
21ms Stylesheet
text/css 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-content/plugins/wp-quiz-pro/assets/frontend/css/animate.css?ver=3.6.0

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

75a33bdccbadc38c64bf09f76d24d7a1b3fdf61c0915169cc3e7d9b5b07405c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 13928
x-cache: HIT (vrn-toolbox-live-02)
vary: Accept-Encoding
content-length: 4469
etag: "625e5af1-1252c"
last-modified: Tue, 19 Apr 2022 06:47:13 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 139886662 139287245
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: text/css
expires: Wed, 29 Jun 2022 22:37:48 GMT

GET
H2 200 wp-quiz.css
toolbox.webediagaming.de/wp-content/plugins/wp-quiz-pro/assets/frontend/css/ Frame 99DA 38 KB
8 KB 21ms
20ms Stylesheet
text/css 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-content/plugins/wp-quiz-pro/assets/frontend/css/wp-quiz.css?ver=2.1.11

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

9d9dc82800339442fb55bd21410e36a6fdd9047981fe7fb61598ecd7089d4da6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 9764
x-cache: HIT (vrn-toolbox-live-01)
vary: Accept-Encoding
content-length: 7781
etag: "625e5af1-9682"
last-modified: Tue, 19 Apr 2022 06:47:13 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 537057750 614463816
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: text/css
expires: Wed, 29 Jun 2022 23:47:12 GMT

GET
H2 200 all.css
toolbox.webediagaming.de/wp-content/themes/wbd-toolbox/assets/css/ Frame 99DA 17 KB
5 KB 23ms
22ms Stylesheet
text/css 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-content/themes/wbd-toolbox/assets/css/all.css?ver=1.0.0

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

a6aff4ceeae8ae887e28f445519c2b91de767ba143db32331cb492cfbf9dae4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 14382
x-cache: HIT (vrn-toolbox-live-02)
vary: Accept-Encoding
content-length: 4524
etag: "628481b5-43c7"
last-modified: Wed, 18 May 2022 05:18:45 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 139695660 139563338
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: text/css
expires: Wed, 29 Jun 2022 22:30:13 GMT

GET
H2 200 wbd-toolbox.gamestar.min.css
toolbox.webediagaming.de/wp-content/themes/wbd-toolbox/dist/ Frame 99DA 4 KB
2 KB 21ms
21ms Stylesheet
text/css 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-content/themes/wbd-toolbox/dist/wbd-toolbox.gamestar.min.css?ver=1.0.0

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

1c6b561b963b214e708c5a1db5900bbc142b0f0bc7e4b1a63688b86b83b2513d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 13818
x-cache: HIT (vrn-toolbox-live-01)
vary: Accept-Encoding
content-length: 1125
etag: "628481b4-11a6"
last-modified: Wed, 18 May 2022 05:18:44 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 612268013 618856523
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: text/css
expires: Wed, 29 Jun 2022 22:39:37 GMT

GET
H2 200 bxw3gkn.css
use.typekit.net/ Frame 99DA 5 KB
1 KB 13ms
13ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/bxw3gkn.css?ver=1.0.0

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

05f8593a22fdf3fd4f89d1e7601a9510dc28820fd438808e0d6a97644d6b10d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 892

GET
H2 200 jquery.min.js Show response
toolbox.webediagaming.de/wp-includes/js/jquery/ Frame 99DA 87 KB
31 KB 37ms
37ms Script
application/x-javascript 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 15909
x-cache: HIT (vrn-toolbox-live-02)
vary: Accept-Encoding
content-length: 30953
etag: "612c71ba-15db1"
last-modified: Mon, 30 Aug 2021 05:50:50 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 139451643 138704636
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: application/x-javascript
expires: Wed, 29 Jun 2022 22:04:47 GMT

GET
H2 200 jquery-migrate.min.js Show response
toolbox.webediagaming.de/wp-includes/js/jquery/ Frame 99DA 11 KB
5 KB 21ms
20ms Script
application/x-javascript 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 771
x-cache: HIT (vrn-toolbox-live-01)
vary: Accept-Encoding
content-length: 4169
etag: "5fd870ac-2bd8"
last-modified: Tue, 15 Dec 2020 08:15:40 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 616941637 619316743
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: application/x-javascript
expires: Thu, 30 Jun 2022 02:17:05 GMT

GET
H2 200 rbtools.min.js Show response
toolbox.webediagaming.de/wp-content/plugins/revslider/public/assets/js/ Frame 99DA 126 KB
48 KB 20ms
20ms Script
application/x-javascript 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

559f367b8631134334b4870bed568b019af144c801b574a252e337d4e837a05a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 6425
x-cache: HIT (vrn-toolbox-live-02)
vary: Accept-Encoding
content-length: 48758
etag: "6295a539-1f69c"
last-modified: Tue, 31 May 2022 05:18:49 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 139451645 139729355
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: application/x-javascript
expires: Thu, 30 Jun 2022 00:42:50 GMT

GET
H2 200 rs6.min.js Show response
toolbox.webediagaming.de/wp-content/plugins/revslider/public/assets/js/ Frame 99DA 381 KB
100 KB 21ms
20ms Script
application/x-javascript 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.24

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

20260a2b327f69ddfd34a15f57c728f790778989af847470220c5a5f0b929e27

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 18149
x-cache: HIT (vrn-toolbox-live-01)
vary: Accept-Encoding
content-length: 101772
etag: "6295a539-5f392"
last-modified: Tue, 31 May 2022 05:18:49 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 612268015 616914255
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: application/x-javascript
expires: Wed, 29 Jun 2022 21:27:26 GMT

GET
H2 200 FYNG-Logo-2022.png
images.toolbox.webediagaming.de/wp-content/uploads/sales/other/ Frame 99DA 4 KB
5 KB 201ms
20ms Image
image/png 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.toolbox.webediagaming.de/wp-content/uploads/sales/other/FYNG-Logo-2022.png

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

9bc4a9df687ec15e4acbe0f81d2278d9b446cea1b89c35cacccd7e52cea260a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
via: 1.1 varnish (Varnish/5.1)
last-modified: Mon, 21 Mar 2022 14:58:53 GMT
server: nginx/1.10.3
age: 11712
etag: "623892ad-1146"
x-cache: HIT (vrn-toolbox-live-01)
content-type: image/png
date: Thu, 16 Jun 2022 02:29:56 GMT
x-varnish: 612268016 615078764
accept-ranges: bytes
content-length: 4422
expires: Wed, 29 Jun 2022 23:14:44 GMT

GET
H2 200 rs6.css
toolbox.webediagaming.de/wp-content/plugins/revslider/public/assets/css/ Frame 99DA 57 KB
13 KB 20ms
20ms Stylesheet
text/css 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.24

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

8527577417ba8bd5dbaaad96e47d57c5e94b9e17094ffd9c0a2b5ad56a324347

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 18009
x-cache: HIT (vrn-toolbox-live-02)
vary: Accept-Encoding
content-length: 12396
etag: "6295a539-e245"
last-modified: Tue, 31 May 2022 05:18:49 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 139451644 139278442
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: text/css
expires: Wed, 29 Jun 2022 21:29:46 GMT

GET
H2 200 polls-js.js Show response
toolbox.webediagaming.de/wp-content/plugins/wp-polls/ Frame 99DA 3 KB
1 KB 19ms
19ms Script
application/x-javascript 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-content/plugins/wp-polls/polls-js.js?ver=2.76.0

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 18153
x-cache: HIT (vrn-toolbox-live-01)
vary: Accept-Encoding
content-length: 648
etag: "6295a4ae-caa"
last-modified: Tue, 31 May 2022 05:16:30 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 612268014 615371802
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: application/x-javascript
expires: Wed, 29 Jun 2022 21:27:23 GMT

GET
H2 200 wbd-toolbox.min.js Show response
toolbox.webediagaming.de/wp-content/themes/wbd-toolbox/dist/ Frame 99DA 2 KB
2 KB 33ms
33ms Script
application/x-javascript 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-content/themes/wbd-toolbox/dist/wbd-toolbox.min.js?ver=1.0.0

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

e07f38e53df79bf441c35c66c7812390bd8118ab453b863a6965fbffb6e3ed8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 28096
x-cache: HIT (vrn-toolbox-live-02)
vary: Accept-Encoding
content-length: 1128
etag: "628481b4-8e6"
last-modified: Wed, 18 May 2022 05:18:44 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 139451646 138784905
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: application/x-javascript
expires: Wed, 29 Jun 2022 18:41:39 GMT

GET
H2 200 wp-emoji-release.min.js Show response
toolbox.webediagaming.de/wp-includes/js/ Frame 99DA 18 KB
5 KB 20ms
19ms Script
application/x-javascript 2a03:7fc0:c000:1:185:12:50:76
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://toolbox.webediagaming.de/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:76 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
x-content-type-options: nosniff
age: 10594
x-cache: HIT (vrn-toolbox-live-01)
vary: Accept-Encoding
content-length: 4926
etag: "612c71ba-4705"
last-modified: Mon, 30 Aug 2021 05:50:50 GMT
server: nginx
date: Thu, 16 Jun 2022 02:29:56 GMT
strict-transport-security: max-age=0
x-varnish: 619317074 618441288
via: 1.1 varnish (Varnish/5.1)
accept-ranges: bytes
content-type: application/x-javascript
expires: Wed, 29 Jun 2022 23:33:22 GMT

GET
H2 200 p.css
p.typekit.net/ Frame 99DA 5 B
181 B 13ms
13ms Stylesheet
text/css 2a02:26f0:f7::5c7b:e01b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=bxw3gkn&ht=tk&f=15701.15705.15708.17001.17005.17006.29002&a=699962&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bxw3gkn.css?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e01b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 discord-anleitung-teaser_6096995.jpg
images.cgames.de/images/gamestar/209/ 6 KB
7 KB 29ms
28ms Image
image/jpeg 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.cgames.de/images/gamestar/209/discord-anleitung-teaser_6096995.jpg
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 07f66dcc6b0d0f165103ec3a5234b9911bd966ea93ffeb2be85435b8f2b25f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Fri, 20 May 2022 18:14:49 GMT
server: nginx/1.10.3
age: 0
x-cache: MISS (ent-vrn-img-01)
content-type: image/jpeg
cache-control: s-maxage=2592000, max-age=2592000
x-varnish: 367532033
accept-ranges: bytes
link: <http://images.cgames.de/images/gamestar/209/discord-anleitung-teaser_6096995.jpg>; rel="canonical"
content-length: 6349
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 warcraft-3-reforged-gs_6184083.jpg
images.cgames.de/images/gamestar/256/ 43 KB
44 KB 20ms
20ms Image
image/jpeg 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.cgames.de/images/gamestar/256/warcraft-3-reforged-gs_6184083.jpg
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 2826c845046b9ab9c6c89a7ecd67691faa606a1236d8a928131ba0cf677e28a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Wed, 15 Jun 2022 13:04:22 GMT
server: nginx/1.10.3
age: 45163
x-cache: MISS (ent-vrn-img-01)
content-type: image/jpeg
cache-control: s-maxage=2592000, max-age=2592000
x-varnish: 323418046 317555878
accept-ranges: bytes
link: <http://images.cgames.de/images/gamestar/256/warcraft-3-reforged-gs_6184083.jpg>; rel="canonical"
content-length: 44192
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 squid-game-netflix_6184097.jpg
images.cgames.de/images/gamestar/256/ 18 KB
18 KB 20ms
19ms Image
image/jpeg 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.cgames.de/images/gamestar/256/squid-game-netflix_6184097.jpg
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 5e34dd886a4c5538503672d286e5c0908fddc47fb8b13183d6409b993e5e5c95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Wed, 15 Jun 2022 13:04:16 GMT
server: nginx/1.10.3
age: 47884
x-cache: HIT (ent-vrn-img-01)
content-type: image/jpeg
cache-control: s-maxage=2592000, max-age=2592000
x-varnish: 367825544 356325595
accept-ranges: bytes
link: <http://images.cgames.de/images/gamestar/256/squid-game-netflix_6184097.jpg>; rel="canonical"
content-length: 18064
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 daten%C3%BCbertragung-whatsapp-android-zu-ios_6184033.jpg
images.cgames.de/images/gamestar/256/ 14 KB
14 KB 20ms
20ms Image
image/jpeg 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.cgames.de/images/gamestar/256/daten%C3%BCbertragung-whatsapp-android-zu-ios_6184033.jpg
Requested by: Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 794f28f28be57e0e948c05473ed246460105bc07baa2205bc6f4c4a5e764203e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gamestar.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Wed, 15 Jun 2022 10:03:13 GMT
server: nginx/1.10.3
age: 51200
x-cache: MISS (ent-vrn-img-02)
content-type: image/jpeg
cache-control: s-maxage=2592000, max-age=2592000
x-varnish: 326815590 310464851
accept-ranges: bytes
link: <http://images.cgames.de/images/gamestar/256/daten%C3%BCbertragung-whatsapp-android-zu-ios_6184033.jpg>; rel="canonical"
content-length: 13959
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 index.cfm Show response
www.gamestar.de/gs_cb/ 16 B
527 B 34ms
34ms XHR
application/json 2a03:7fc0:c000:1:185:12:50:67
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gamestar.de/gs_cb/index.cfm?event=tracking:ajax.cmpAction

Requested by

Host: www.gamestar.de
URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:67 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx /

Resource Hash

6489d6d7a33c5d40e18fc61eeb6c34c341279ee61816394dde5189aa4ad8fae5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Referer: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarywl2RnVwFTurwAC8L

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
cluster: C
age: 0
x-cache: MISS (vrn-gsgp-live-cA-02)
content-type: application/json;charset=utf-8
access-control-allow-origin: https://imasdk.googleapis.com
content-security-policy: frame-ancestors 'self';
accept-ranges: bytes
content-length: 16
server: nginx

GET
H2 200 FYNG-Background-2022.png
images.toolbox.webediagaming.de/wp-content/uploads/sales/other/ Frame 99DA 256 KB
257 KB 183ms
39ms Image
image/png 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.toolbox.webediagaming.de/wp-content/uploads/sales/other/FYNG-Background-2022.png

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

2f5fb614a3a02ba43c82348dc1380cee96ffd924c6d428760f52167e8054e20e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
via: 1.1 varnish (Varnish/5.1)
last-modified: Mon, 21 Mar 2022 14:58:53 GMT
server: nginx/1.10.3
age: 7567
etag: "623892ad-3ff2f"
x-cache: HIT (vrn-toolbox-live-01)
content-type: image/png
date: Thu, 16 Jun 2022 02:29:56 GMT
x-varnish: 619317076 616782126
accept-ranges: bytes
content-length: 261935
expires: Thu, 30 Jun 2022 00:23:49 GMT

GET
H2 200 arrow-right-white.svg
images.toolbox.webediagaming.de/wp-content/uploads/sales/other/ Frame 99DA 639 B
822 B 201ms
57ms Image
image/svg+xml 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.toolbox.webediagaming.de/wp-content/uploads/sales/other/arrow-right-white.svg

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

3dcfcc6fdcbaa46cdb9c7673161192bcf37b1d8dcf99174cb767c53bdba7ce9a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 19:47:11 GMT
server: nginx/1.10.3
age: 140
etag: "60c26c3f-27f"
vary: Accept-Encoding
x-cache: HIT (vrn-toolbox-live-01)
content-type: image/svg+xml
via: 1.1 varnish (Varnish/5.1)
date: Thu, 16 Jun 2022 02:29:56 GMT
x-varnish: 616941640 613872421
accept-ranges: bytes
content-length: 350
x-wgm-wp: Have a smoke!

GET
H2 200 l
use.typekit.net/af/180254/00000000000000000001522c/27/ Frame 99DA 26 KB
26 KB 14ms
14ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/180254/00000000000000000001522c/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bxw3gkn.css?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fb7238a43d12d8c6c8e5be18fce5569a7941caa2a7fc6f3d4843330cb541a3c1

Request headers

Referer: https://use.typekit.net/bxw3gkn.css?ver=1.0.0
Origin: https://toolbox.webediagaming.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:29:56 GMT
server: nginx
etag: "15d179ff3908aee1f4518d2511464d8a0434d5b2"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26508

GET
H2 200 FYNG-Summer-2022-ActionWidget-Sponsors.png
images.toolbox.webediagaming.de/wp-content/uploads/sales/other/ Frame 99DA 23 KB
23 KB 195ms
57ms Image
image/png 2a03:7fc0:c000:1:185:12:50:205
JEUXVIDEO-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.toolbox.webediagaming.de/wp-content/uploads/sales/other/FYNG-Summer-2022-ActionWidget-Sponsors.png

Requested by

Host: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:7fc0:c000:1:185:12:50:205 , France, ASN35717 (JEUXVIDEO-NETWORK, FR),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

89faa2679883b2892bc09c096f8318de05068851e4db186b7c9073b4cdb69446

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx .google.de .google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://toolbox.webediagaming.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: frame-ancestors www.gamestar.de www.gamepro.de mein-mmo.de ninotaku.de toolbox.webediagaming.de gs.stage.wgm.ipx gp.stage.wgm.ipx *.google.de *.google.com *.cdn.ampproject.org gutenberg.stage.wgm.ipx gs.developer.wgm.ipx gp.developer.wgm.ipx
via: 1.1 varnish (Varnish/5.1)
last-modified: Wed, 01 Jun 2022 07:19:23 GMT
server: nginx/1.10.3
age: 11709
etag: "629712fb-5af2"
x-cache: HIT (vrn-toolbox-live-01)
content-type: image/png
date: Thu, 16 Jun 2022 02:29:56 GMT
x-varnish: 558105823 616588158
accept-ranges: bytes
content-length: 23282
expires: Wed, 29 Jun 2022 23:14:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: toolbox.webediagaming.de
URL: https://toolbox.webediagaming.de/fyng-summer-2022-action-widget/?website=gamestar&darkmode=no

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gamestar.de/	1970-01-20 06:00:08	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTgxNmE1ODgtYTJmZC02NDc3LTgwMjQtMjAwNzBkNGIwNDRjIiwiY3JlYXRlZCI6IjIwMjItMDYtMTZUMDI6Mjk6NTYuNDQ1WiIsInVwZGF0ZWQiOiIyMDIyLTA2LTE2VDAyOjI5OjU2LjQ0NVoiLCJ2ZXJzaW9uIjpudWxsfQ==
www.gamestar.de/	1970-01-20 12:34:42	Name: cfid Value: ba4953a2-9cf8-4874-b21b-3b784fbca5ae
www.gamestar.de/	1970-01-20 12:34:42	Name: cftoken Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true(Line 419) Message: A preload for 'https://use.typekit.net/bxw3gkn.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript	warning	URL: https://www.gamestar.de/artikel/discord-trojaner-malware,3358149.html?__twitter_impression=true Message: The resource https://use.typekit.net/bxw3gkn.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.lib.getjad.io
cdn.onesignal.com
cdn.promio-connect.com
data-c53e1346fa.gamestar.de
images.cgames.de
images.toolbox.webediagaming.de
onesignal.com
p.typekit.net
scripts.webcontentassessor.com
sdk.privacy-center.org
static.cgames.de
toolbox.webediagaming.de
use.typekit.net
vg06.met.vgwort.de
webedia-de-cdn.relevant-digital.com
www.gamestar.de
toolbox.webediagaming.de
151.101.130.217
161.156.47.59
217.115.153.216
2600:9000:2156:8600:5:b7cc:d3c0:93a1
2606:4700:4400::6812:2194
2606:4700::6812:e234
2a02:26f0:3500:16::215:148f
2a02:26f0:f7::5c7b:e01b
2a02:6ea0:c700::10
2a03:7fc0:c000:1:185:12:50:205
2a03:7fc0:c000:1:185:12:50:67
2a03:7fc0:c000:1:185:12:50:76
91.215.100.74
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
05f8593a22fdf3fd4f89d1e7601a9510dc28820fd438808e0d6a97644d6b10d9
07cdeb3496c0222a09ec5a8bc0772b5a57f35fae5219a7d801c64f62007665db
07f66dcc6b0d0f165103ec3a5234b9911bd966ea93ffeb2be85435b8f2b25f81
0be1ae2251f892507e1f248247290408ffd9d1119ca178645362c792f5681c9a
1419cef1fc553eec7b47443ab82fc0d5e54d6c002d361c7e05af63dad5def312
148bae55105a8559a1fb734b54e94a7c88372c588449c1ca5e03c9f0e35912f5
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c6b561b963b214e708c5a1db5900bbc142b0f0bc7e4b1a63688b86b83b2513d
1d8010388ede8cd0b15f18e7386df47437ca85f877609c3a487be15b74c0ea82
1e8f6cd5b34980efef08a5574b5da23c4e4960d93506775b4bb868e8e10ebe1e
20260a2b327f69ddfd34a15f57c728f790778989af847470220c5a5f0b929e27
2826c845046b9ab9c6c89a7ecd67691faa606a1236d8a928131ba0cf677e28a6
2e11dab3cfc05ecc63598d96f74d91ee015bc2636a28b12fc0a4e465f717fca6
2f5fb614a3a02ba43c82348dc1380cee96ffd924c6d428760f52167e8054e20e
316f29bc0b1ffd3bf307ef2c3a016063fdf040cba5ad21d0b7c41c677a9768b8
33704f3cc03af4f860411c4a69a62af69563785688152f8614aba768f5f90e27
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a602fad46b3b1828c352ed1dd2bebffbf912bf5eb37b7319ab23a92239de8a
39b77d20d4feeface12c69506e8217816f78f9f41ac3e5424309b6c6f40c74a0
3dcfcc6fdcbaa46cdb9c7673161192bcf37b1d8dcf99174cb767c53bdba7ce9a
456894e2899453bb50d8cdf099140d5bd50be74301e02b9c6d13c26ec42ff97d
45faa97390d3aebb8b82762439ec79868d5b1af5324cf799bbaff1d168d18554
483cf1dfa3c340a91edc49e718c51c908cc3d928544189234a9d471fe013ac8b
49fe23339cdb9ef46b3e27d405b7dc8ee44c53c2678d9228b710c383f0ef427c
4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526
4e6c5923978ac1b71812913f37d275c1f79fb0f3ac2a37391c9e33e16161d9b4
559f367b8631134334b4870bed568b019af144c801b574a252e337d4e837a05a
5b3d0e841133721db21efd0c2957cc2b703ddba1798b1b08562acb875447d736
5de2f9674b2f039b6eb2281527cf19fe63e4249610312b4622f3ff67b9b527bf
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5e34dd886a4c5538503672d286e5c0908fddc47fb8b13183d6409b993e5e5c95
6308abda1d73e4146e91ff6a38314ecb9310458c3e6970919789b4d12bcd075f
6489d6d7a33c5d40e18fc61eeb6c34c341279ee61816394dde5189aa4ad8fae5
68ccb3e710e9f83015617a055d3c3aa203cc60e872f128665869dd9a69ade0c5
6c86c25a6f7739b6c0552bc79b046e79ce7a8eba5e8ef48bc82519dd9ee0b8fb
6e764e78af6839341ec5e5019ef8dc89aa4f7ad5aaa7ccbfcebb39850ec0e1d6
6f772fa2d85534cb7b2efd2863c2b53bf28aa68c33a97e75619acf395257313e
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
75a33bdccbadc38c64bf09f76d24d7a1b3fdf61c0915169cc3e7d9b5b07405c5
794f28f28be57e0e948c05473ed246460105bc07baa2205bc6f4c4a5e764203e
7be776692a9861a95cdb001d4d54a806b347ac79849a7b71e3f13447b29c0d79
7f2d849617a74f5d6f81dc6e37c9b87f09b9b3479f3bd37050f4bc5b58a3842f
83056c1e74b8e9f2d34a5ef28be62c63f1e256bd2408687ae1ee0db20752fb59
8341f329c5e3265d21e8918982d4ce3c037159fd31e16b89619e55763fc422e6
8527577417ba8bd5dbaaad96e47d57c5e94b9e17094ffd9c0a2b5ad56a324347
879710092c0e3b18809d32cf10b6d77f2d32558b33f742792d77e8b1b39c0dea
89faa2679883b2892bc09c096f8318de05068851e4db186b7c9073b4cdb69446
8f8078d5fa79042c80aff9ac50f962fca0a2461febc620b567e38fff39ddc182
908c2148dad0354b5f515e70a6c2531b7fdc45b92d1d10cad8aa5d3b41228865
972cdfb37cc4e59d9bb377f5999604412eb749e553c344132f863aa93f11c1f4
99e5c1acabc069482cebd649fbf00052363f2b735d3cc409b30280513631a975
9ad86ff87106de335daefb0323634d59fb3e87b1fd0a925e6234c1dc690c02ad
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9bc4a9df687ec15e4acbe0f81d2278d9b446cea1b89c35cacccd7e52cea260a8
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
9cfe6feace4f60e1967056b21754b81526bc9960231f9aafc7d92e75db60117c
9d9dc82800339442fb55bd21410e36a6fdd9047981fe7fb61598ecd7089d4da6
9f63dd498e3f6e7528ea69ed764fe08432a751382746f5f1117898bfea28e1fb
a0b779ad590272d25a6b625b33f3d117b71ab8b77efa8266cf2ebcd90bd76764
a314d64316aa89a35438aa243fa11a9642654a159234eec8788eaeca44f6f967
a4515b66fa871c93188710a6741dbbf3c0fff1234ba80bdd7f92312891882e2b
a508ecd8b227dfdc60d1968e080292490ed668169293d88a1b71c4d2294f3004
a6aff4ceeae8ae887e28f445519c2b91de767ba143db32331cb492cfbf9dae4b
aac67f53ffe6a61622c6953f37ba2f2b9fab081c60b610b5f876d61e9607e838
aff5c0d375532e7593481c1e4bc96b128eb5c2fd53c6992f095588555dbfc7ab
b23c912f881d3e4303a98e2b880fc8542aedec220f5a6b692cba104da4f044ce
b5bb69ab612d17c869650291fc20687bc70d0f0f408b2439b04bbd07b3818759
b892e0edca76867f9946a62be4662d8c39942e6c073a906dee80b5bd1f73e456
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf0576b87978f24f743e2c5191296d4b1c7eff84bc5e17af5c2ae96a22531abf
c2e2bb0b6070315a55bb04a3b8e78b4882c920b31f45058c625b17938305136b
ccc50aff4f14b31e92d031e24899a1b7bc2129b8d1bd46263a1ff4f75a4f50db
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd0e34d683a11d3431226903e938f9516038e0ab26f01c2f819834bf56c3781
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e
da0e46fc532483472f5a5e68237f169e3fa1e0f7210e19e57272a474e8e2869b
dcca3eb133a9bdbcabd1688800dd0938171b30917c905860965e81d17edfd1b0
dde59a1158acd883021cd7f60b1f3fcd802df9698a6844a300a2f57827079cf7
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e07f38e53df79bf441c35c66c7812390bd8118ab453b863a6965fbffb6e3ed8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69f06b2ba5f100b1a6dfe78097c4bdea2bcd31f46821bc06c4accb7278aab86
eec62cb204dddbd71f19fe41f6f83588dafbc619df65da7f350a13a2ae50d992
eef09b821740b4f2c6b66fb9b0e509a9b5c37e3d5a5ca8fab31e563dba7e08e9
ef9f36dcdecc70bc43a7a3664704caefcab9863437e4876a4c536f4394ab7490
f11881a89ad5ebdbfe75b6a82c4f1359bef968b54a8e006b0b677688ecfeb581
f1f685418435cbe472eac9bd3144bf9a6885305cffe1e8f871291bec70959ace
fa541300b31b0e8d3ad43d929140081ddb8faf69b67453bed1284edc385d1af5
fb7238a43d12d8c6c8e5be18fce5569a7941caa2a7fc6f3d4843330cb541a3c1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.gamestar.de Open in urlscan Pro 2a03:7fc0:c000:1:185:12:50:67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

97 Requests

98 %HTTPS

69 %IPv6

11 Domains

16 Subdomains

14 IPs

3 Countries

2054 kBTransfer

5056 kBSize

3 Cookies

21 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gamestar.de Open in urlscan Pro
2a03:7fc0:c000:1:185:12:50:67 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

98 %
HTTPS

69 %
IPv6

11
Domains

16
Subdomains

14
IPs

3
Countries

2054 kB
Transfer

5056 kB
Size

3
Cookies

97 HTTP transactions
1 data transactions