gameforge.com Open in urlscan Pro
104.22.14.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gardendecor.space/
Effective URL:
https://gameforge.com/en-GB/play/nostale
Submission: On May 13 via manual (May 13th 2020, 11:43:51 pm UTC) from AU

Summary HTTP 58 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 21 domains to perform 58 HTTP transactions. The main IP is 104.22.14.121, located in United States and belongs to CLOUDFLARENET, US. The main domain is gameforge.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 23rd 2020. Valid for: 6 months.

This is the only time gameforge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	5.189.188.165 5.189.188.165	51167 (CONTABO) (CONTABO)
1	116.202.209.183 116.202.209.183	24940 (HETZNER-AS) (HETZNER-AS)
1 3	198.143.165.221 198.143.165.221	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	104.24.123.224 104.24.123.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.200.174.146 52.200.174.146	14618 (AMAZON-AES) (AMAZON-AES)
1 1	139.162.172.221 139.162.172.221	63949 (LINODE-AP...) (LINODE-AP Linode)
1 3	139.162.118.155 139.162.118.155	63949 (LINODE-AP...) (LINODE-AP Linode)
2 2	192.207.255.147 192.207.255.147	62821 (AS-MNX) (AS-MNX)
2 2	79.110.84.82 79.110.84.82	47195 (GAMEFORGE-AS) (GAMEFORGE-AS)
16	104.22.14.121 104.22.14.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
13	2a02:26f0:6c0... 2a02:26f0:6c00::210:baba	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
5	79.110.86.107 79.110.86.107	47195 (GAMEFORGE-AS) (GAMEFORGE-AS)
2	18.130.114.88 18.130.114.88	16509 (AMAZON-02) (AMAZON-02)
1	151.139.239.32 151.139.239.32	33438 (HIGHWINDS2) (HIGHWINDS2)
1	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:9000:20e... 2600:9000:20eb:a00:0:93e4:a640:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE)
2	79.110.87.202 79.110.87.202	47195 (GAMEFORGE-AS) (GAMEFORGE-AS)
4	79.110.82.166 79.110.82.166	47195 (GAMEFORGE-AS) (GAMEFORGE-AS)
58	17

3 5.189.188.165 (Nuremberg, Germany) 3 redirects

ASN51167 (CONTABO, DE)
PTR: vmi209434.contaboserver.net

gardendecor.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dekor.beautyt.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pinaboutall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.209.183 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.183.209.202.116.clients.your-server.de

fast-redirecting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.143.165.221 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

c.redirect750.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.24.123.224 (United States)

ASN13335 (CLOUDFLARENET, US)

yltenim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.174.146 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-174-146.compute-1.amazonaws.com

ranewita.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.172.221 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1489-221.members.linode.com

network.52441.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.162.118.155 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1602-155.members.linode.com

pix.excelead.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.207.255.147 (Monroe, United States) 2 redirects

ASN62821 (AS-MNX, US)
PTR: haproxy2.ad4game.com

ads.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.110.84.82 (Germany) 2 redirects

ASN47195 (GAMEFORGE-AS, DE)
PTR: s150.gfsrv.net

en.nostale.gameforge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.22.14.121 (United States)

ASN13335 (CLOUDFLARENET, US)

gameforge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:26f0:6c00::210:baba (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

secure-asset-delivery.gameforge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 79.110.86.107 (Germany)

ASN47195 (GAMEFORGE-AS, DE)
PTR: s172.gfsrv.net

s3-static.geo.gfsrv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gf1.geo.gfsrv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.130.114.88 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-114-88.eu-west-2.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.239.32 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

analytics-udg.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

ext.nonstoppartner.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:a00:0:93e4:a640:93a1 (United States)

ASN16509 (AMAZON-02, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.110.87.202 (Germany)

ASN47195 (GAMEFORGE-AS, DE)
PTR: delivery.ads.gfsrv.net

ads-delivery.gameforge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 79.110.82.166 (Germany)

ASN47195 (GAMEFORGE-AS, DE)

pixelzirkus.gameforge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	gameforge.com 2 redirects en.nostale.gameforge.com gameforge.com secure-asset-delivery.gameforge.com ads-delivery.gameforge.com pixelzirkus.gameforge.com	2 MB
5	gfsrv.net s3-static.geo.gfsrv.net gf1.geo.gfsrv.net	17 KB
3	google-analytics.com www.google-analytics.com	18 KB
3	excelead.net 1 redirects pix.excelead.net	2 KB
3	redirect750.us 1 redirects c.redirect750.us	6 KB
2	google.de www.google.de	212 B
2	google.com 2 redirects www.google.com	353 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	303 B
2	hellobar.com my.hellobar.com	38 KB
2	iesnare.com mpsnare.iesnare.com	14 KB
2	ad4game.com 2 redirects ads.ad4game.com	944 B
1	nonstoppartner.net ext.nonstoppartner.net	333 B
1	netdna-ssl.com analytics-udg.netdna-ssl.com	9 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	52441.com 1 redirects network.52441.com	254 B
1	ranewita.com 1 redirects ranewita.com	517 B
1	yltenim.com yltenim.com	4 KB
1	fast-redirecting.com fast-redirecting.com	9 KB
1	pinaboutall.com 1 redirects pinaboutall.com	502 B
1	beautyt.site 1 redirects dekor.beautyt.site	535 B
1	gardendecor.space 1 redirects gardendecor.space	299 B
58	21

	Domain	Requested by
16	gameforge.com	gameforge.com
13	secure-asset-delivery.gameforge.com	gameforge.com
4	pixelzirkus.gameforge.com	gameforge.com fast-redirecting.com
4	s3-static.geo.gfsrv.net	gameforge.com s3-static.geo.gfsrv.net
3	www.google-analytics.com	www.googletagmanager.com gameforge.com
3	pix.excelead.net	1 redirects
3	c.redirect750.us	1 redirects fast-redirecting.com c.redirect750.us
2	ads-delivery.gameforge.com	gameforge.com
2	www.google.de	gameforge.com
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	my.hellobar.com	www.googletagmanager.com my.hellobar.com
2	mpsnare.iesnare.com	gameforge.com mpsnare.iesnare.com
2	en.nostale.gameforge.com	2 redirects
2	ads.ad4game.com	2 redirects
1	gf1.geo.gfsrv.net	gameforge.com
1	ext.nonstoppartner.net	fast-redirecting.com
1	analytics-udg.netdna-ssl.com	www.googletagmanager.com
1	www.googletagmanager.com	gameforge.com
1	network.52441.com	1 redirects
1	ranewita.com	1 redirects
1	yltenim.com	c.redirect750.us
1	fast-redirecting.com
1	pinaboutall.com	1 redirects
1	dekor.beautyt.site	1 redirects
1	gardendecor.space	1 redirects
58	26

This site contains links to these domains. Also see Links.

Domain
en.nostale.gameforge.com
nostale.support.gameforge.com
board.en.nostale.gameforge.com
www.facebook.com
discordapp.com
agbserver.gameforge.com
corporate.gameforge.com
support.gameforge.com
www.youtube.com
twitter.com

Subject Issuer	Validity	Valid
fast-redirecting.com Let's Encrypt Authority X3	`2020-03-25` - `2020-06-23`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-21` - `2020-10-09`	8 months	crt.sh
gameforge.com CloudFlare Inc ECC CA-2	`2020-04-23` - `2020-10-09`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
secure-asset-delivery.gameforge.com Let's Encrypt Authority X3	`2020-05-05` - `2020-08-03`	3 months	crt.sh
s3-static.gameforge.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-13` - `2022-05-13`	2 years	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2019-04-24` - `2020-05-26`	a year	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-18` - `2021-03-18`	a year	crt.sh
*.nonstoppartner.net DigiCert SHA2 High Assurance Server CA	`2019-11-07` - `2021-12-01`	2 years	crt.sh
*.hellobar.com DigiCert SHA2 Secure Server CA	`2017-10-26` - `2020-12-07`	3 years	crt.sh
www.google.de GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.gameforge.com Thawte TLS RSA CA G1	`2019-10-15` - `2021-11-13`	2 years	crt.sh
gf1.geo.gfsrv.net GeoTrust RSA CA 2018	`2018-02-21` - `2020-12-29`	3 years	crt.sh

This page contains 4 frames:

Primary Page: https://gameforge.com/en-GB/play/nostale
Frame ID: 480D1B48BBFE35323169BBBA4C64FA44
Requests: 54 HTTP requests in this frame

Frame: https://gameforge.com/pz/pz-frame.html
Frame ID: 7831FABB83B389AA34B3BEEEB3EE2905
Requests: 2 HTTP requests in this frame

Frame: https://pixelzirkus.gameforge.com/do/simple
Frame ID: DF67DDC6A56EDE252D0FC48379627F09
Requests: 2 HTTP requests in this frame

Frame: https://pixelzirkus.gameforge.com/do/simple
Frame ID: 5C6A6596C3868981165A6C649F08285F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://gardendecor.space/ HTTP 302
http://dekor.beautyt.site/7-haus-diy-deko-ideen-ikea-trofast-hemnes/?utm_source= HTTP 302
http://pinaboutall.com/?utm_source= HTTP 302
https://fast-redirecting.com/sl/4a79a137?utm_source= Page URL
http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream... Page URL
http://c.redirect750.us/?utm_term=6826478555661075227&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
http://c.redirect750.us/proc.php?10bd3b17fb7d83c9ac3914f24dac60a93b409db8 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_... Page URL
http://ranewita.com/0-%7Bcampaign_id%7D-pyoyasdgsaasg?adTagId=ee795150-730c-11e8-800a-0ae8b840b1... HTTP 302
https://network.52441.com/traffic.php?c=PL&deviceid=&sysos=MacOS&source=morel-bovine HTTP 302
http://pix.excelead.net/click.php?c=111&key=8wjjggl892fe42pz351s87sp&m=4093281 HTTP 302
http://pix.excelead.net/jump/clk1.php?jl=5715192 Page URL
http://pix.excelead.net/jump/?jl=5715192 Page URL
https://ads.ad4game.com/www/delivery/dck.php?offerid=151&zoneid=67910&subid2=157131869&affid=4093281 HTTP 302
https://ads.ad4game.com/www/delivery/games.php?poolid=151&zoneid=67910&subid2=157131869&affid=4093281 HTTP 302
http://en.nostale.gameforge.com/news/index HTTP 302
https://en.nostale.gameforge.com/news/index HTTP 301
https://gameforge.com/en-GB/play/nostale Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

58
Requests

93 %
HTTPS

30 %
IPv6

21
Domains

26
Subdomains

17
IPs

6
Countries

2704 kB
Transfer

6530 kB
Size

3
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://en.nostale.gameforge.com/landing/partner?kid=1-09107-a9f69-1907-007071b0
Title: Game website

Search URL Search Domain Scan URL

URL: https://nostale.support.gameforge.com/en?pdl=%%TOKEN_SUPPORT%%
Title: Contact Support

Search URL Search Domain Scan URL

URL: https://board.en.nostale.gameforge.com/
Title: Game forum

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NosTale/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://discordapp.com/invite/TMU4Dtc
Title: Discord

Search URL Search Domain Scan URL

URL: https://agbserver.gameforge.com/enGB-Privacy-NosTale.html
Title: Privacy Policy (Gameforge 4D GmbH)

Search URL Search Domain Scan URL

URL: https://corporate.gameforge.com/?lang=en
Title: About Gameforge

Search URL Search Domain Scan URL

URL: https://corporate.gameforge.com/jobs/?lang=en
Title: Careers

Search URL Search Domain Scan URL

URL: https://corporate.gameforge.com/games/?lang=en
Title: Products

Search URL Search Domain Scan URL

URL: https://corporate.gameforge.com/partner_en/?lang=en
Title: Partners

Search URL Search Domain Scan URL

URL: https://corporate.gameforge.com/press/?lang=en
Title: Press

Search URL Search Domain Scan URL

URL: https://support.gameforge.com/
Title: Contact support

Search URL Search Domain Scan URL

URL: https://agbserver.gameforge.com/enGB-Switch-GF-Portal.html
Title: T&Cs

Search URL Search Domain Scan URL

URL: https://agbserver.gameforge.com/enGB-Privacy-GF-Portal.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://agbserver.gameforge.com/enGB-Imprint-GF-Portal.html
Title: Legal

Search URL Search Domain Scan URL

URL: https://corporate.gameforge.com/games/?lang=en#safe-play
Title: Safe Play

Search URL Search Domain Scan URL

URL: https://www.youtube.com/Gameforge

Search URL Search Domain Scan URL

URL: https://twitter.com/Gameforge

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gameforge/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gardendecor.space/ HTTP 302
http://dekor.beautyt.site/7-haus-diy-deko-ideen-ikea-trofast-hemnes/?utm_source= HTTP 302
http://pinaboutall.com/?utm_source= HTTP 302
https://fast-redirecting.com/sl/4a79a137?utm_source= Page URL
http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=babaa9e32f9aaa52c6c28622caf620e6 Page URL
http://c.redirect750.us/?utm_term=6826478555661075227&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b1b5b09a9ba9999e9ff0fcfcf7e3f2f7e7f1b89a9981848f9d95edd3e3a78e89808880dab2969ad0ffcec9f2c1c4f1f6f78087bfaec8c9ffcffdfbf2f3c0f0f4f7f4c5dadbc5 Page URL
http://c.redirect750.us/proc.php?10bd3b17fb7d83c9ac3914f24dac60a93b409db8 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6826478555661075227&ext1=965 Page URL
http://ranewita.com/0-%7Bcampaign_id%7D-pyoyasdgsaasg?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.05&fallbackUrl=http%3A%2F%2Ftryd.pro%2Fgo%2F216668%2F498903 HTTP 302
https://network.52441.com/traffic.php?c=PL&deviceid=&sysos=MacOS&source=morel-bovine HTTP 302
http://pix.excelead.net/click.php?c=111&key=8wjjggl892fe42pz351s87sp&m=4093281 HTTP 302
http://pix.excelead.net/jump/clk1.php?jl=5715192 Page URL
http://pix.excelead.net/jump/?jl=5715192 Page URL
https://ads.ad4game.com/www/delivery/dck.php?offerid=151&zoneid=67910&subid2=157131869&affid=4093281 HTTP 302
https://ads.ad4game.com/www/delivery/games.php?poolid=151&zoneid=67910&subid2=157131869&affid=4093281 HTTP 302
http://en.nostale.gameforge.com/news/index HTTP 302
https://en.nostale.gameforge.com/news/index HTTP 301
https://gameforge.com/en-GB/play/nostale Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gardendecor.space/ HTTP 302
http://dekor.beautyt.site/7-haus-diy-deko-ideen-ikea-trofast-hemnes/?utm_source= HTTP 302
http://pinaboutall.com/?utm_source= HTTP 302
https://fast-redirecting.com/sl/4a79a137?utm_source=

Request Chain 3

http://c.redirect750.us/proc.php?10bd3b17fb7d83c9ac3914f24dac60a93b409db8 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6826478555661075227&ext1=965

Request Chain 4

http://ranewita.com/0-%7Bcampaign_id%7D-pyoyasdgsaasg?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.05&fallbackUrl=http%3A%2F%2Ftryd.pro%2Fgo%2F216668%2F498903 HTTP 302
https://network.52441.com/traffic.php?c=PL&deviceid=&sysos=MacOS&source=morel-bovine HTTP 302
http://pix.excelead.net/click.php?c=111&key=8wjjggl892fe42pz351s87sp&m=4093281 HTTP 302
http://pix.excelead.net/jump/clk1.php?jl=5715192

Request Chain 41

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-141679886-4&cid=964930543.1589413403&jid=605194713&gjid=578360398&_gid=732549534.1589413404&_u=aHgAgAAD~&z=1559952052 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141679886-4&cid=964930543.1589413403&jid=605194713&_v=j82&z=1559952052 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141679886-4&cid=964930543.1589413403&jid=605194713&_v=j82&z=1559952052&slf_rd=1&random=2285062538

Request Chain 57

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-141679886-4&cid=964930543.1589413403&jid=545387452&gjid=1295507554&_gid=732549534.1589413404&_u=aHgAiAADB~&z=521767397 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141679886-4&cid=964930543.1589413403&jid=545387452&_v=j82&z=521767397 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141679886-4&cid=964930543.1589413403&jid=545387452&_v=j82&z=521767397&slf_rd=1&random=1161112091

58 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set 4a79a137
fast-redirecting.com/sl/
Redirect Chain

http://gardendecor.space/
http://dekor.beautyt.site/7-haus-diy-deko-ideen-ikea-trofast-hemnes/?utm_source=
http://pinaboutall.com/?utm_source=
https://fast-redirecting.com/sl/4a79a137?utm_source=

25 KB
9 KB

206ms
80ms

Document
text/html

116.202.209.183
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fast-redirecting.com/sl/4a79a137?utm_source=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.209.183 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.183.209.202.116.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Host: fast-redirecting.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 13 May 2020 23:43:16 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Expires: Sun, 01 Jan 2010 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: user_key=1597189396%7CZDZkZGU0ZGE5MmE4ZDM0NjdiOWQ3MGEwYzRiNDI2Mzg%3D%7Cdbbbf53afe837caae9249d4f0cc548be2a13698e; path=/; expires=Tue, 11-Aug-2020 23:43:16 UTC visited.4a79a137=1589672596%7CYToxOntpOjEzNDY7aToxO30%3D%7Ce440b56d42eebdcbd757a830fc8d5849b68c80a7; path=/; expires=Sat, 16-May-2020 23:43:16 UTC tracking.1.4a79a137=1589499796%7CMQ%3D%3D%7C43e6f7b90827fbfd4ed63465d90f466eceaf0fe5; path=/; expires=Thu, 14-May-2020 23:43:16 UTC tracking.1.4a79a137-1346=1589672596%7CMQ%3D%3D%7C55f1c72b8cf96f67de2f11de2f3ef6dfcc5f18a1; path=/; expires=Sat, 16-May-2020 23:43:16 UTC
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 13 May 2020 23:43:15 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.3.16
Set-Cookie: PHPSESSID=7e7120c24c8085baad10bca01b0a52f4; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 13 May 2020 23:43:15 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Location: https://fast-redirecting.com/sl/4a79a137?utm_source=

GET
H/1.1 200
OK Cookie set /
c.redirect750.us/ 3 KB
2 KB 311ms
278ms Document
text/html 198.143.165.221
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=babaa9e32f9aaa52c6c28622caf620e6
Requested by: Host: fast-redirecting.com
URL: https://fast-redirecting.com/sl/4a79a137?utm_source=
Protocol: HTTP/1.1
Server: 198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/7.3.4
Resource Hash

Request headers

Host: c.redirect750.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Wed, 13 May 2020 23:43:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.4
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: u=cbbe26e8573c24c340f8eaed73c03bdc; expires=Thu, 13-May-2021 23:43:16 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip

GET
H/1.1 200
OK / Show response
c.redirect750.us/ 9 KB
3 KB 161ms
160ms Document
text/html 198.143.165.221
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://c.redirect750.us/?utm_term=6826478555661075227&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b1b5b09a9ba9999e9ff0fcfcf7e3f2f7e7f1b89a9981848f9d95edd3e3a78e89808880dab2969ad0ffcec9f2c1c4f1f6f78087bfaec8c9ffcffdfbf2f3c0f0f4f7f4c5dadbc5
Requested by: Host: c.redirect750.us
URL: http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=babaa9e32f9aaa52c6c28622caf620e6
Protocol: HTTP/1.1
Server: 198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/7.3.4
Resource Hash: c6f2f77a03f12b1a03a58f305dba0ebe8e9b5383faf768db1d0f6a8129da3d2a

Request headers

Host: c.redirect750.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=babaa9e32f9aaa52c6c28622caf620e6
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: u=cbbe26e8573c24c340f8eaed73c03bdc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=babaa9e32f9aaa52c6c28622caf620e6

Response headers

Server: nginx
Date: Wed, 13 May 2020 23:43:17 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.4
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip

GET
H2

200

JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_ Show response
yltenim.com/nh4ea/ciqM/fC6c/
Redirect Chain

http://c.redirect750.us/proc.php?10bd3b17fb7d83c9ac3914f24dac60a93b409db8
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6826478555661075227&ext1=965

6 KB
4 KB

350ms
210ms

Document
text/html

104.24.123.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6826478555661075227&ext1=965
Requested by: Host: c.redirect750.us
URL: http://c.redirect750.us/?utm_term=6826478555661075227&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b1b5b09a9ba9999e9ff0fcfcf7e3f2f7e7f1b89a9981848f9d95edd3e3a78e89808880dab2969ad0ffcec9f2c1c4f1f6f78087bfaec8c9ffcffdfbf2f3c0f0f4f7f4c5dadbc5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.123.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54eda386d7d8c7efdf22bf74e0cf769d4cc0ea299079263c7fd0e9e9eb89087c

Request headers

:method: GET
:authority: yltenim.com
:scheme: https
:path: /nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6826478555661075227&ext1=965
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://c.redirect750.us/?utm_term=6826478555661075227&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b1b5b09a9ba9999e9ff0fcfcf7e3f2f7e7f1b89a9981848f9d95edd3e3a78e89808880dab2969ad0ffcec9f2c1c4f1f6f78087bfaec8c9ffcffdfbf2f3c0f0f4f7f4c5dadbc5
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://c.redirect750.us/?utm_term=6826478555661075227&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b1b5b09a9ba9999e9ff0fcfcf7e3f2f7e7f1b89a9981848f9d95edd3e3a78e89808880dab2969ad0ffcec9f2c1c4f1f6f78087bfaec8c9ffcffdfbf2f3c0f0f4f7f4c5dadbc5#

Response headers

status: 200
date: Wed, 13 May 2020 23:43:18 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d44aaae1d9097f814bf4175d603ce18921589413398; expires=Fri, 12-Jun-20 23:43:18 GMT; path=/; domain=.yltenim.com; HttpOnly; SameSite=Lax TR7A3jMiISYwstsFmTB2nnIHQbldWUy4oIejVz55dlg%3D=fe161437830a9169c0ac49bca53fdebf_1589413398.2898; domain=yltenim.com; path=/; expires=Sat, 11-May-2030 23:43:18 UTC b5lq9eygwZllzl4luI4VBgQgNE5fCh5dQrQRotUx370%3D=1589413398.293; domain=yltenim.com; path=/; expires=Sat, 11-May-2030 23:43:18 UTC vHgNpuORtFmyejMz%2Fu4SCq%2BJuUygP9Fo7yvtcHxZqjM%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3WkxlMFlhaEI3amxySDhVb1pCcHQwZk5iaDM4eElLQkkxWFNKVWVpclk3cg%3D%3D; domain=yltenim.com; path=/; expires=Sat, 11-May-2030 23:43:18 UTC fe161437830a9169c0ac49bca53fdebf_1589413398.2898_ck=N3hQZmdab3cweW53akh4UnJQSEhNREtMZk9YOWtBaEdJZy95RTdSRi9rb2k1M1BQWjQySklvQjZqbG9XRFRMNFFXL0JPeFR1K01mMlBYTDAwTVdRUThXNmRWaWY5N2ZRcU5yMjVoQ2g0T05QUlJ3R3ZYYzJSMUZpcUtkc2NPSWFEdHhjOVdaSjJQZ1hQeTVDamtGaFdPeWVzK05aSU1FYkpDVlQ4WFhSd0ZhRGtDeWhyWHRkaVhoMFlXQjZ3cXpFMFBaMW5keTJyL3hMTkV6RXdsLzFVZ0RTZUkvR09YYlVUelo5ejVJRVhaMkpzbmFjZ3EvRFA1MG1VVExBM1M1T05STXREeHhjTVVOK0lYbmlsSHZWSytGWUI0TTN6clR1aVBiaExPcjgzVkxkQXlSV21vOHNGcmlydEtCNGIzVTF4ZmdXVVNRMHNCaHZuSWVUYzVmNDYxL3JPNE1pakhranJJOE9ia1RlNzhNamJjNGdoKzFHM0h3ZjhlNUtPd0VYRlh0K0RLVTJpZG1zQWhmNWRBMzRHQVJ1eDRoallnaUFUeDFSUkwwd3NpcEVHcVg0dkpMeUtBcDlQUUZob05mOHNnMjJ2VytrRjhyUkdkSERMM0dNWHRWUWhmaTFBMUY0OXRtWG1FeTM1eUVkanpHby92ZzJhQ2t0dkVaQU5NWEs4OTkxa2JWYVN5MlppNGRkaVJBZ0V1Mkp5NUtObnRLdUs1L2EzMUVRbVFvQ2c3dnc2L3E0ajRiNW9GbGVveE9YNTBMN1VMRkttd1RoNkZpUnYvYjhlYmxWTEdFU3dvV3pKZjRnZiswTnQvMDVISkJyeDlmM01CUGJMdHRYR3pwM2VJSTQzMENKWmg2amVSUkdiQUNBY0FmMzlvSm1saGxOMVlaK1lUNnNWTWNVcDZnQzBOdGxiaGIvWDZOV1pCZEwrTHgyQzdwNmp2QWNhRDhrSGQ1azlSUmhwREZEVVpnbEMrN3VsNkpBRHlHaXpwMVhpVGtNSU1meXp1QXJpSzJRWWpGWkh6SjBJTlNoWTZkM3ZWRlZNK0lvRWpVeVI5U1V4Y21ZR1Q2Ryt2R2tleXhQOG9NMjVQcVVQL1E5RG1QOTJjV25pMXBVRE9SQW5ZZ2dFSjVDNlAxVU9COXNUeE1tbjQ4OFU3QzBzeWlJb0FjQUpjbWZwWGVabUtVUVhoNlBTb0pJQmlWMTk0ZFNiYzVHa0doMkRnUkZRU0orSTZkSktUNmhkVjQwWEZVVFl1bmRVY3BUdEYrY005YkhQUy8vUy81YlczVUVzL2hvdGVXc0I4OFRlTjdtRzB6YWFpeS9pQXNYTEFMWEJEczl1dGRaUnFWbW0xZ212eGN3UkhvaThBN25ZbzZ0OFRvWU9pZE9RTVV6c2IyZlNQN2hLd2RZQVRxUGNuM2VhRS9MMVAyaWc3UDNuNitkZDltbUpvT0xnNzFoUWpEQzNmK2grQmR3ZXVndFRoUFA2eC9DTE9JZkdvUjlQR3lNeGxQQ3dXS2Z1TWpyQWViNUJhN3pBSCtEM2Q5TUx1clF4bEVZUSt0SE1XNExoZ0pQRmkvSzkwSkZqaWhkS3dNbGlsaFdWcmQ4QytCc29TOVpoa1E1ajJIWkxVZzlnK0h1WDhXYUVUSjNtaHhwMGlDSFQ4c3FXT01QSitnMVFta2FYNEE9; domain=yltenim.com; path=/; expires=Sat, 11-May-2030 23:43:18 UTC f%2BNxABd9BuS%2BD6mZ%2FBtNNoR%2BezmypWHgySeOvF3EM0s%3D=UnZORlNJQkFoSHRlL0dmU1lYVk9VcEJtYmFQTFpMVEEvQkQ2WHdhNWhlN2ZzRU0wT1o3SVVCWFVCcUorTWJqSmFPWitQZURNd28xK2hTWlZTU0NWUlRwV1JmV2ViQ0IvV2k0bzlyc0dJZzQ9; domain=yltenim.com; path=/; expires=Thu, 14-May-2020 00:48:18 UTC SERVERID=sfc112; path=/
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 59303dab2b1504a7-CDG
cf-request-id: 02b204def5000004a77b051200000001

Redirect headers

Server: nginx
Date: Wed, 13 May 2020 23:43:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.4
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6826478555661075227&ext1=965

GET
H/1.1

200
OK

clk1.php
pix.excelead.net/jump/
Redirect Chain

http://ranewita.com/0-%7Bcampaign_id%7D-pyoyasdgsaasg?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.05&fallbackUrl=http%3A%2F%2Ftryd.pro%2Fgo%2F216668%2F498903
https://network.52441.com/traffic.php?c=PL&deviceid=&sysos=MacOS&source=morel-bovine
http://pix.excelead.net/click.php?c=111&key=8wjjggl892fe42pz351s87sp&m=4093281
http://pix.excelead.net/jump/clk1.php?jl=5715192

392 B
619 B

601ms
569ms

Document
text/html

139.162.118.155
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://pix.excelead.net/jump/clk1.php?jl=5715192
Protocol: HTTP/1.1
Server: 139.162.118.155 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1602-155.members.linode.com
Software: Apache / PHP/5.5.38
Resource Hash

Request headers

Host: pix.excelead.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: https://yltenim.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: offerLink=Xg7cy1I8aPuVCsQ%2BhP8chSJWrRK8eIVj4IBrNMHavNNHPL7TOEKOkyunJb%2B7OBF%2BYTUGw1FX%2FyjLgRdLabXNLsPOXMHTMO5Ga6fzeI5QqXLH2lnGtq6Q4vfSzQl2qDtEYpD96TT6fLPvqlJzu%2F9fIVfBdjngbFGM%2FaUwe3ZHAnU%3D; IMT1589413391845=fi5cAjGdTD31IZLhmU%2BT1SrOiWSDNpRTO0cw3W1bXGU%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://yltenim.com/nh4ea/ciqM/Zzuf/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_/ICqa0ICNQN3fDgEgFEvTwFUk_FGRq_4?ori=112x&ex=6&pbi=5ebc861661eac8.730751005

Response headers

Date: Wed, 13 May 2020 23:43:12 GMT
Server: Apache
X-Powered-By: PHP/5.5.38
P3P: CP="This site does not have a p3p policy."
Content-Length: 392
Connection: close
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Wed, 13 May 2020 23:43:11 GMT
Server: Apache
X-Powered-By: PHP/5.5.38
Set-Cookie: offerLink=Xg7cy1I8aPuVCsQ%2BhP8chSJWrRK8eIVj4IBrNMHavNNHPL7TOEKOkyunJb%2B7OBF%2BYTUGw1FX%2FyjLgRdLabXNLsPOXMHTMO5Ga6fzeI5QqXLH2lnGtq6Q4vfSzQl2qDtEYpD96TT6fLPvqlJzu%2F9fIVfBdjngbFGM%2FaUwe3ZHAnU%3D; expires=Thu, 14-May-2020 00:43:11 GMT; Max-Age=3600; path=/; domain=pix.excelead.net IMT1589413391845=fi5cAjGdTD31IZLhmU%2BT1SrOiWSDNpRTO0cw3W1bXGU%3D; expires=Fri, 15-May-2020 05:43:11 GMT; Max-Age=108000; path=/; domain=pix.excelead.net
Location: http://pix.excelead.net/jump/clk1.php?jl=5715192
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK / Show response
pix.excelead.net/jump/ 512 B
739 B 695ms
664ms Document
text/html 139.162.118.155
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://pix.excelead.net/jump/?jl=5715192
Protocol: HTTP/1.1
Server: 139.162.118.155 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1602-155.members.linode.com
Software: Apache / PHP/5.5.38
Resource Hash: 361620ea4764f300ca3ad3e0332b8c72d2eeca560ed7f3d973057d0d9647c0bc

Request headers

Host: pix.excelead.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://pix.excelead.net/jump/clk1.php?jl=5715192
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://pix.excelead.net/jump/clk1.php?jl=5715192

Response headers

Date: Wed, 13 May 2020 23:43:13 GMT
Server: Apache
X-Powered-By: PHP/5.5.38
P3P: CP="This site does not have a p3p policy."
Content-Length: 512
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2

200

Primary Request nostale Show response
gameforge.com/en-GB/play/
Redirect Chain

https://ads.ad4game.com/www/delivery/dck.php?offerid=151&zoneid=67910&subid2=157131869&affid=4093281
https://ads.ad4game.com/www/delivery/games.php?poolid=151&zoneid=67910&subid2=157131869&affid=4093281
http://en.nostale.gameforge.com/news/index
https://en.nostale.gameforge.com/news/index
https://gameforge.com/en-GB/play/nostale

173 KB
47 KB

215ms
76ms

Document
text/html

104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gameforge.com/en-GB/play/nostale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ecb2f98eed5cb8da6034f182d158f19cfd8ee56aa79de0fd8ff573c009a4d221

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

:method: GET
:authority: gameforge.com
:scheme: https
:path: /en-GB/play/nostale
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://pix.excelead.net/jump/?jl=5715192
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://pix.excelead.net/jump/?jl=5715192

Response headers

status: 200
date: Wed, 13 May 2020 23:43:23 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d94bb0da8d12d8e38d061a344638bf5171589413403; expires=Fri, 12-Jun-20 23:43:23 GMT; path=/; domain=.gameforge.com; HttpOnly; SameSite=Lax
vary: Accept-Encoding Origin
x-powered-by: Express
access-control-allow-credentials: true
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=180
link: </js/vendors.de19.js>; as=script; rel=preload, </js/app.6a57.js>; as=script; rel=preload, </js/obsolete.bea4.js>; as=script; rel=preload, </js/bundles/shop.7ddf.js>; as=script; rel=preload
strict-transport-security: max-age=15724800
cf-cache-status: HIT
age: 145
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 59303dca6b5ffa64-AMS
content-encoding: gzip
cf-h2-pushed: </js/vendors.de19.js>,</js/app.6a57.js>,</js/obsolete.bea4.js>,</js/bundles/shop.7ddf.js>
cf-request-id: 02b204f27e0000fa6469853200000001

Redirect headers

Date: Wed, 13 May 2020 23:43:23 GMT
Server: Apache
Location: https://gameforge.com/en-GB/play/nostale
Cache-Control: max-age=0
Expires: Wed, 13 May 2020 23:43:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 vendors.de19.js Show response
gameforge.com/js/ 1 MB
351 KB 45ms
0ms Script
application/javascript 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gameforge.com/js/vendors.de19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

09f6c1e491fed2aa9bd7f359b47daa1dd98fb0db4548c7ef3762de89b1d9a78d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 23:43:23 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: HIT
age: 915
x-powered-by: Express
status: 200
cf-request-id: 02b204f28b0000fa6469854200000001
last-modified: Thu, 26 Mar 2020 11:32:55 GMT
server: cloudflare
etag: W/"12766d-171169dd658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 59303dca7b78fa64-AMS

GET
H2 200 app.6a57.js Show response
gameforge.com/js/ 3 MB
908 KB 47ms
0ms Script
application/javascript 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gameforge.com/js/app.6a57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f092ba5868a2cec970d4e985ff8b68eb9270c5fd43d84e69ea207149a51157ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 23:43:23 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: HIT
age: 768
x-powered-by: Express
status: 200
cf-request-id: 02b204f28b0000fa6469855200000001
last-modified: Thu, 26 Mar 2020 11:32:55 GMT
server: cloudflare
etag: W/"35561c-171169dd658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 59303dca7b7bfa64-AMS

GET
H2 200 obsolete.bea4.js Show response
gameforge.com/js/ 12 KB
5 KB 35ms
0ms Script
application/javascript 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gameforge.com/js/obsolete.bea4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

497053fce9bddf8c3306bbeca39dbe04a0602e7500bc5ee55fb0cdccb4acf7b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 23:43:23 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: HIT
age: 915
x-powered-by: Express
status: 200
cf-request-id: 02b204f28b0000fa6469856200000001
last-modified: Thu, 26 Mar 2020 11:32:55 GMT
server: cloudflare
etag: W/"30c4-171169dd658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 59303dca7b7cfa64-AMS

GET
H2 200 shop.7ddf.js Show response
gameforge.com/js/bundles/ 52 KB
13 KB 54ms
0ms Script
application/javascript 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gameforge.com/js/bundles/shop.7ddf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d3773cf9d2cff6a730c64c7fcd4b78d8119fbc05e791648e7523cdfd24c5aa87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 23:43:23 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: HIT
age: 915
x-powered-by: Express
status: 200
cf-request-id: 02b204f28b0000fa6469857200000001
last-modified: Thu, 26 Mar 2020 11:32:55 GMT
server: cloudflare
etag: W/"d1c6-171169dd658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 59303dca7b7efa64-AMS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 105 KB
35 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-THNP3BQ

Requested by

Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e80326b6cf36a89c3ddf6776044212f2ccd36e5b9ae2d5cd135ac682f9fad90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 23:43:23 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35843
x-xss-protection: 0
last-modified: Wed, 13 May 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 May 2020 23:43:23 GMT

GET
H2 200 gameforge-logo.c354.svg
gameforge.com/images/ 7 KB
3 KB 155ms
155ms Image
image/svg+xml 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gameforge.com/images/gameforge-logo.c354.svg

Requested by

Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

bd7ca95e0d131e847aaf8e9719e3fe71849df51ca886e48819a76ef6fb4bd73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 23:43:23 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: HIT
age: 915
x-powered-by: Express
status: 200
cf-request-id: 02b204f2f70000fa646985a200000001
last-modified: Thu, 26 Mar 2020 11:32:55 GMT
server: cloudflare
etag: W/"1a6e-171169dd658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: image/svg+xml
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 59303dcb2c41fa64-AMS

GET
H/1.1 200
OK 11EZuBbI9Ss_big.jpg
secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ 165 KB
166 KB 34ms
7ms Image
image/jpeg 2a02:26f0:6c00::210:baba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/11EZuBbI9Ss_big.jpg
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baba , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: c5a31da9236229e56d39dc9b3a733d24518fc592d4081912067bb7f966f8b8ce

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:23 GMT
Last-Modified: Mon, 29 Jul 2019 12:02:12 GMT
Server: nginx
ETag: "09691dcd64d9d50679a7f57cffd543e3"
X-Cache-Status: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 169400
Expires: Wed, 13 May 2020 23:45:23 GMT

GET
H/1.1 200
OK o2kOgtVU884_big.jpg
secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ 153 KB
153 KB 35ms
8ms Image
image/jpeg 2a02:26f0:6c00::210:baba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/o2kOgtVU884_big.jpg
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baba , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 1c0da02d25206348606b7c9f7d714f9d365fe6895a08a85730797d8a6328b496

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:23 GMT
Last-Modified: Mon, 29 Jul 2019 12:02:12 GMT
Server: nginx
ETag: "84cb72f40287b99990171016b5c77269"
X-Cache-Status: REVALIDATED
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 156280
Expires: Wed, 13 May 2020 23:45:23 GMT

GET
H2 200 navbar-background.b63c.jpg
gameforge.com/images/ 2 KB
2 KB 154ms
153ms Image
image/jpeg 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gameforge.com/images/navbar-background.b63c.jpg

Requested by

Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b2514905e83208a4a58f0095fd980d143797db4bb05cc59d5ec83a041c8460e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://gameforge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 23:43:23 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 915
x-powered-by: Express
status: 200
content-length: 2157
cf-request-id: 02b204f2ff0000fa646985b200000001
last-modified: Thu, 26 Mar 2020 11:32:55 GMT
server: cloudflare
etag: W/"86d-171169dd658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: image/jpeg
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 59303dcb3c54fa64-AMS
cf-bgj: h2pri

GET
H2 200 noto-sans-v9-latin_greek-ext_cyrillic_latin-ext_cyrillic-ext_greek-regular.562c.woff2
gameforge.com/fonts/ 153 KB
154 KB 153ms
153ms Font
font/woff2 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gameforge.com/fonts/noto-sans-v9-latin_greek-ext_cyrillic_latin-ext_cyrillic-ext_greek-regular.562c.woff2

Requested by

Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

16bb3d8fb5c371c9e4fa6b5f313c0a5e2edd911c0ce6d0f9c3cee01e9560a2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://gameforge.com/
Origin: https://gameforge.com

Response headers

date: Wed, 13 May 2020 23:43:23 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 1863
x-powered-by: Express
status: 200
content-length: 156884
cf-request-id: 02b204f3000000fa646985c200000001
last-modified: Thu, 26 Mar 2020 11:32:55 GMT
server: cloudflare
etag: W/"264d4-171169dd658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: font/woff2
access-control-allow-origin: https://gameforge.com
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 59303dcb3c58fa64-AMS
cf-bgj: h2pri

GET
H2 200 gameforge-logo-small.0f4d.png
gameforge.com/images/ 1 KB
1 KB 73ms
70ms Image
image/png 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gameforge.com/images/gameforge-logo-small.0f4d.png

Requested by

Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c3da5e60f548782922823d2eaeaf7853b2c3d47b24f0a5c0aa1c9f03cdcd89f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 23:43:23 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 768
x-powered-by: Express
status: 200
content-length: 1304
cf-request-id: 02b204f3a10000fa6469866200000001
last-modified: Thu, 26 Mar 2020 11:32:55 GMT
server: cloudflare
etag: W/"518-171169dd658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 59303dcc3d9afa64-AMS

GET
H2 200 pz-bootstrap.js Show response
gameforge.com/pz/ 1 KB
766 B 149ms
147ms Script
application/javascript 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gameforge.com/pz/pz-bootstrap.js

Requested by

Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4656caa5868bdd56b5903d1a67723f85a8b164ea13a6444b20c12671fc5002ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 23:43:23 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: HIT
age: 915
x-powered-by: Express
status: 200
cf-request-id: 02b204f30f0000fa646985d200000001
last-modified: Thu, 26 Mar 2020 11:32:55 GMT
server: cloudflare
etag: W/"54f-171169dd658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 59303dcb4c73fa64-AMS

GET
H2 200 pz-frame.html Show response
gameforge.com/pz/ Frame 7831 2 KB
769 B 149ms
148ms Document
text/html 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gameforge.com/pz/pz-frame.html

Requested by

Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0198d220ed1b844f92f1bde4a00a5084bda74803f7016e8f5157e6ee24ffb873

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

:method: GET
:authority: gameforge.com
:scheme: https
:path: /pz/pz-frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gameforge.com/en-GB/play/nostale
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dddc7d6307b971a985a07497f29d0149a1589413403
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://gameforge.com/en-GB/play/nostale

Response headers

status: 200
date: Wed, 13 May 2020 23:43:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Origin
x-powered-by: Express
access-control-allow-credentials: true
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=3600
last-modified: Thu, 26 Mar 2020 11:32:55 GMT
strict-transport-security: max-age=15724800
cf-cache-status: HIT
age: 915
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 59303dcb4c75fa64-AMS
content-encoding: gzip
cf-request-id: 02b204f30f0000fa646985e200000001

GET
H2 200 background.39e1.jpg
gameforge.com/images/ 36 KB
36 KB 90ms
90ms Image
image/jpeg 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gameforge.com/images/background.39e1.jpg

Requested by

Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0469227fa230db0b0ed292423d49eea1821ad6ab67319235531c19e9e05c6128

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://gameforge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 23:43:23 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 915
x-powered-by: Express
status: 200
content-length: 37014
cf-request-id: 02b204f34c0000fa6469861200000001
last-modified: Thu, 26 Mar 2020 11:32:55 GMT
server: cloudflare
etag: W/"9096-171169dd658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: image/jpeg
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 59303dcbacf3fa64-AMS
cf-bgj: h2pri

GET
H2 200 noto-sans-v9-latin_greek-ext_cyrillic_latin-ext_cyrillic-ext_greek-700.c66b.woff2
gameforge.com/fonts/ 152 KB
152 KB 143ms
143ms Font
font/woff2 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gameforge.com/fonts/noto-sans-v9-latin_greek-ext_cyrillic_latin-ext_cyrillic-ext_greek-700.c66b.woff2

Requested by

Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6a2f4003a98a3d8b367702823291c5e43078623288deff831d9d83c8f2db9b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://gameforge.com/
Origin: https://gameforge.com

Response headers

date: Wed, 13 May 2020 23:43:23 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 2367
x-powered-by: Express
status: 200
content-length: 155152
cf-request-id: 02b204f3150000fa646985f200000001
last-modified: Thu, 26 Mar 2020 11:32:55 GMT
server: cloudflare
etag: W/"25e10-171169dd658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: font/woff2
access-control-allow-origin: https://gameforge.com
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 59303dcb5c84fa64-AMS
cf-bgj: h2pri

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THNP3BQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 3888
date: Wed, 13 May 2020 22:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Thu, 14 May 2020 00:38:35 GMT

GET
H/1.1 200
OK version.json Show response
s3-static.geo.gfsrv.net/cookiebanner/ 20 B
400 B 503ms
51ms XHR
application/json 79.110.86.107
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-static.geo.gfsrv.net/cookiebanner/version.json
Requested by: Host: gameforge.com
URL: https://gameforge.com/pz/pz-bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.86.107 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS: s172.gfsrv.net
Software: nginx /
Resource Hash: 0b561fd56d375b2c3cce7b5ce73605d405291ce2cbb1ac016945384fc5ea68e5

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Last-Modified: Wed, 18 Mar 2020 09:08:43 GMT
Server: nginx
ETag: "caf337cc0927e7e0972d1d57d35c43ad"
X-Cache-Status: HIT
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20
Expires: Thu, 14 May 2020 02:43:24 GMT

GET
H2 200 en Show response
gameforge.com/api/v1/config/interstitial/ 41 B
263 B 91ms
90ms Fetch
application/json 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gameforge.com/api/v1/config/interstitial/en

Requested by

Host: gameforge.com
URL: https://gameforge.com/js/vendors.de19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a5cb48ed3578c85997eaf1f6809905aa71fb94b960e50debad261ba521b5375c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://gameforge.com/en-GB/play/nostale
TNT-Installation-Id

Response headers

date: Wed, 13 May 2020 23:43:24 GMT
vary: Authorization, Origin
cf-cache-status: DYNAMIC
x-powered-by: Express
status: 200
content-length: 41
cf-request-id: 02b204f64f0000fa646987e200000001
x-request-id: 5c3c4ed87e59c8b539787326db9d6f92
server: cloudflare
etag: "29-pmH+7A+jDRb5EHN0CdWJpOHJYqs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: application/json; charset=utf-8
access-control-expose-headers: Content-Type,Authorization
access-control-allow-credentials: true
cf-ray: 59303dd079f4fa64-AMS

GET
H/1.1 200
OK snare.js Show response
mpsnare.iesnare.com/ 38 KB
13 KB 217ms
79ms Script
text/javascript 18.130.114.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/snare.js

Requested by

Host: gameforge.com
URL: https://gameforge.com/js/app.6a57.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.130.114.88 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-130-114-88.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

520e96c62c39c9fe7bd56f2f82f8ad52013996130832c70c24f282e75fbb9517

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 May 2020 23:43:24 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

GET
H2 200 purchaseables Show response
gameforge.com/api/v1/user/product/nostale/ 2 B
139 B 101ms
101ms Fetch
application/json 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gameforge.com/api/v1/user/product/nostale/purchaseables?language=en

Requested by

Host: gameforge.com
URL: https://gameforge.com/js/vendors.de19.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://gameforge.com/en-GB/play/nostale
TNT-Installation-Id

Response headers

date: Wed, 13 May 2020 23:43:24 GMT
vary: Authorization, Origin
cf-cache-status: DYNAMIC
x-powered-by: Express
status: 200
content-length: 2
cf-request-id: 02b204f65e0000fa6469880200000001
x-request-id: a679cd3e9ca3d613206ca2efc4c7e164
server: cloudflare
etag: "2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: application/json; charset=utf-8
access-control-expose-headers: Content-Type,Authorization
access-control-allow-credentials: true
cf-ray: 59303dd09a13fa64-AMS

GET
H/1.1 200
OK GxyCRdd27HRvdY4S91rpObkEjFSrvCjZvKMYHVt0.jpeg
secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ 113 KB
113 KB 14ms
9ms Image
image/jpeg 2a02:26f0:6c00::210:baba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/GxyCRdd27HRvdY4S91rpObkEjFSrvCjZvKMYHVt0.jpeg
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baba , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 0685b2d5b247e0f29152283ab4d55b5553b926194dc480a0c3f817f6fee48e85

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Last-Modified: Mon, 29 Jul 2019 12:02:14 GMT
Server: nginx
ETag: "4b65aea26fb71fc0b999bf4c13b27aab"
X-Cache-Status: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 115810
Expires: Wed, 13 May 2020 23:45:24 GMT

GET
H/1.1 200
OK ss_31b709d2a2ddc4a178bfbd2dfd5446fb3f530ae9.1920x1080_1562237738.jpg
secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ 52 KB
52 KB 14ms
9ms Image
image/jpeg 2a02:26f0:6c00::210:baba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ss_31b709d2a2ddc4a178bfbd2dfd5446fb3f530ae9.1920x1080_1562237738.jpg
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baba , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 734bd31b8e1b4cf4500b8a37a30d435d99f4e329fb9b3bb5de87892dae09d202

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Last-Modified: Tue, 30 Jul 2019 13:51:28 GMT
Server: nginx
ETag: "efe2ba414eae4d2ccc9ca56f3a412dc0"
X-Cache-Status: REVALIDATED
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52790
Expires: Wed, 13 May 2020 23:45:24 GMT

GET
H/1.1 200
OK ss_ddfb5c84c244f07e39895ec805c02494acc60ba3.1920x1080_1562237738.jpg
secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ 41 KB
41 KB 26ms
7ms Image
image/jpeg 2a02:26f0:6c00::210:baba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ss_ddfb5c84c244f07e39895ec805c02494acc60ba3.1920x1080_1562237738.jpg
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baba , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 877b0bf9846fc0126b9f6f22e1d10d0a8b346f84e104107ddf96c424b4fbd904

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Last-Modified: Tue, 30 Jul 2019 13:52:59 GMT
Server: nginx
ETag: "0983868ae4ffdfd043f96b26586c1719"
X-Cache-Status: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41692
Expires: Wed, 13 May 2020 23:45:24 GMT

GET
H/1.1 200
OK ss_b3555b0090cbc64a927e200dcc4e769122301d1b.1920x1080_1562237738.jpg
secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ 35 KB
36 KB 24ms
7ms Image
image/jpeg 2a02:26f0:6c00::210:baba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ss_b3555b0090cbc64a927e200dcc4e769122301d1b.1920x1080_1562237738.jpg
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baba , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 74db57644711b01e7f47059d69861a17bc563ba69913a19cc6bf9bcfea4513d2

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Last-Modified: Tue, 30 Jul 2019 13:57:00 GMT
Server: nginx
ETag: "96855e2495328965f9ca3f147585c699"
X-Cache-Status: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36149
Expires: Wed, 13 May 2020 23:45:24 GMT

GET
H/1.1 200
OK ss_cf44caf0a4e5103f0a313633c63762fa5749a17c.1920x1080_1562237738.jpg
secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ 57 KB
57 KB 44ms
18ms Image
image/jpeg 2a02:26f0:6c00::210:baba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ss_cf44caf0a4e5103f0a313633c63762fa5749a17c.1920x1080_1562237738.jpg
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baba , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: eae2662023b025d8d0e651af023bcd88902786a9d97b99431dce0bae473fbf92

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Last-Modified: Tue, 30 Jul 2019 13:57:01 GMT
Server: nginx
ETag: "19092b49fd250276c2617668c7875f75"
X-Cache-Status: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58192
Expires: Wed, 13 May 2020 23:45:24 GMT

GET
H/1.1 200
OK ss_fd12a4ec75cddae1c2b5bc85170e3b3ce8ad170c.1920x1080_1562237738.jpg
secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ 46 KB
47 KB 46ms
21ms Image
image/jpeg 2a02:26f0:6c00::210:baba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ss_fd12a4ec75cddae1c2b5bc85170e3b3ce8ad170c.1920x1080_1562237738.jpg
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baba , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 4ba8fe9e9cef5c437b4685ca79b56b276dd5152ad1a961722e44f78a7600e577

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Last-Modified: Tue, 30 Jul 2019 13:57:01 GMT
Server: nginx
ETag: "04fbc8c2dcdcd8bd8e0610cddddafbb3"
X-Cache-Status: REVALIDATED
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47324
Expires: Wed, 13 May 2020 23:45:24 GMT

GET
H/1.1 200
OK ss_c7011a5191e49a360f58cf5e79d386a6bc7c4172.1920x1080_1562237738.jpg
secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ 43 KB
43 KB 20ms
17ms Image
image/jpeg 2a02:26f0:6c00::210:baba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ss_c7011a5191e49a360f58cf5e79d386a6bc7c4172.1920x1080_1562237738.jpg
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baba , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 1a1f5d531b16f2cf16ab4968fdee5f731c50294783d15087bf0fc55079522738

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Last-Modified: Tue, 30 Jul 2019 13:57:01 GMT
Server: nginx
ETag: "6e09cd99fe300fe924b5a3ce27e564c4"
X-Cache-Status: REVALIDATED
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43985
Expires: Wed, 13 May 2020 23:45:24 GMT

GET
H/1.1 200
OK ss_e90bec3b26479c9d9172c424cba64f8b8a969bda.1920x1080_1562237738.jpg
secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ 56 KB
56 KB 36ms
7ms Image
image/jpeg 2a02:26f0:6c00::210:baba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ss_e90bec3b26479c9d9172c424cba64f8b8a969bda.1920x1080_1562237738.jpg
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baba , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 35eb2272bbba9d57a19ea29bfea918bd6571b329e606b16a2f35c72d95b114b1

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Last-Modified: Tue, 30 Jul 2019 13:57:01 GMT
Server: nginx
ETag: "0962b463130b1ac983270c5308f18508"
X-Cache-Status: REVALIDATED
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56927
Expires: Wed, 13 May 2020 23:45:24 GMT

GET
H/1.1 200
OK bfc185ae-fc78-4c42-8fd1-93b947a6c7442019-08-21_NT_Recurrent_shop_actions_resizing_30P_Champion_Blessing_Amulets_TNT_News_Thumbnail_444x250.jpg
secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ 26 KB
26 KB 17ms
14ms Image
image/jpeg 2a02:26f0:6c00::210:baba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/bfc185ae-fc78-4c42-8fd1-93b947a6c7442019-08-21_NT_Recurrent_shop_actions_resizing_30P_Champion_Blessing_Amulets_TNT_News_Thumbnail_444x250.jpg
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baba , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: b28ce008e6d268dfebdbebb51de1c770e61963d111a05f5abd09b65772cb73ad

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Last-Modified: Fri, 20 Sep 2019 15:25:09 GMT
Server: nginx
ETag: "2ba89f5b3f864927cc867b5e7d6878be"
X-Cache-Status: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26694
Expires: Wed, 13 May 2020 23:45:24 GMT

GET
H/1.1 200
OK f6864ad5-c3ad-49c7-bb18-f37b8ae65a732019-08-19_NT_Resize_maintenance_graphics_gfcom_TNT_Thumbnail_large_444x250.jpg
secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ 36 KB
36 KB 44ms
14ms Image
image/jpeg 2a02:26f0:6c00::210:baba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/f6864ad5-c3ad-49c7-bb18-f37b8ae65a732019-08-19_NT_Resize_maintenance_graphics_gfcom_TNT_Thumbnail_large_444x250.jpg
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baba , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: b7dc88d48a67bb7a0912c1042bd0461e36b7557ba274088707788ae4bfafed78

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Last-Modified: Tue, 28 Apr 2020 08:38:25 GMT
Server: nginx
ETag: "e7a26c737e140d5bc2113ef6d7775fef"
X-Cache-Status: REVALIDATED
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36883
Expires: Wed, 13 May 2020 23:45:24 GMT

GET
H/1.1 200
OK 3f575e53-2df9-4df0-9b5f-c489772520cd2020-01-23_NT_SU65_Wizard_of_NOS_TNT_News_Thumbnail_444x250.jpg
secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/ 33 KB
34 KB 34ms
6ms Image
image/jpeg 2a02:26f0:6c00::210:baba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-asset-delivery.gameforge.com/partnersite_live_product/81854f0b-0698-4507-bcae-59b909e2f1f0/3f575e53-2df9-4df0-9b5f-c489772520cd2020-01-23_NT_SU65_Wizard_of_NOS_TNT_News_Thumbnail_444x250.jpg
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baba , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: efed9e4f2e6eb2f8739675d1dc76b36d414810d403612ba7897584cd6253ff5f

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Last-Modified: Tue, 11 Feb 2020 15:59:24 GMT
Server: nginx
ETag: "e8c49ae9c8e719f8c2dca840d31001d9"
X-Cache-Status: REVALIDATED
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34028
Expires: Wed, 13 May 2020 23:45:24 GMT

GET
H2 200 gtmext.min.js Show response
analytics-udg.netdna-ssl.com/gtmext/1.3.1/ 27 KB
9 KB 201ms
68ms Script
application/x-javascript 151.139.239.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-udg.netdna-ssl.com/gtmext/1.3.1/gtmext.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THNP3BQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.239.32 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ba331fd29c240a0bcdd46ea35a4798d8bdb5d7f89498f798b69d372295a23b21

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 23:43:24 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 17:13:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e691c43-6b35"
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
expires: Thu, 14 May 2020 23:43:24 GMT

POST
H/1.1 200
OK internalIpCheck.php Show response
ext.nonstoppartner.net/extension/scripts/v3/ 20 B
333 B 204ms
63ms XHR
text/html 78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ext.nonstoppartner.net/extension/scripts/v3/internalIpCheck.php
Requested by: Host: fast-redirecting.com
URL: https://fast-redirecting.com/sl/4a79a137?utm_source=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 254949a26416efbba88dae7a2c372b87e015ec75360b82f9935b549f2bc19a3d

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10

GET
H2 200 5aae8d79e57c881571580bf2d3f4e5c5a490ea12.js Show response
my.hellobar.com/ 2 KB
1 KB 404ms
357ms Script
text/javascript 2600:9000:20eb:a00:0:93e4:a640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/5aae8d79e57c881571580bf2d3f4e5c5a490ea12.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THNP3BQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:a00:0:93e4:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c677a62153678e97c93a87b84a2c0c3e9e44f1cee4584e07cf5f7c9404232fa3

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 23:43:25 GMT
content-encoding: gzip
last-modified: Wed, 13 May 2020 06:49:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "e1a30902e8ab16b4cd6635babcd6c6af"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
status: 200
cache-control: must-revalidate, proxy-revalidate, max-age=86400, s-maxage=10
accept-ranges: bytes
content-length: 968
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-id: jaGYlh6MHGWGOfzQQSvJwUkcWhjxR6bicp_I_rhIXqzrU6B0OhaSdA==

GET
H2 200 collect
www.google-analytics.com/ 35 B
101 B 8ms
5ms Image
image/gif 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&aip=1&a=1953884703&t=pageview&_s=1&dl=https%3A%2F%2Fgameforge.com%2Fen-GB%2Fplay%2Fnostale&dr=http%3A%2F%2Fpix.excelead.net%2Fjump%2F%3Fjl%3D5715192&dp=%2Fen-GB%2Fplay%2Fnostale&dh=gameforge.com&ul=en-us&de=UTF-8&dt=NosTale&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHgAgAAD~&jid=605194713&gjid=578360398&cid=964930543.1589413403&tid=UA-141679886-4&_gid=732549534.1589413404&gtm=2wg561THNP3BQ&cd3=GB&cd4=en&cd5=nostale&cd6=product-page&cd7=browser&cd14=964930543.1589413403&cd17=live&cd18=spa&z=45453214

Requested by

Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Apr 2020 12:29:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2805211
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-141679886-4&cid=964930543.1589413403&jid=605194713&gjid=578360398&_gid=732549534.1589413404&_u=aHgAgAAD~&z=1559952052
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141679886-4&cid=964930543.1589413403&jid=605194713&_v=j82&z=1559952052
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141679886-4&cid=964930543.1589413403&jid=605194713&_v=j82&z=1559952052&slf_rd=1&random=2285062538

42 B
106 B

16ms
16ms

Image
image/gif

2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141679886-4&cid=964930543.1589413403&jid=605194713&_v=j82&z=1559952052&slf_rd=1&random=2285062538

Requested by

Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 May 2020 23:43:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 May 2020 23:43:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141679886-4&cid=964930543.1589413403&jid=605194713&_v=j82&z=1559952052&slf_rd=1&random=2285062538
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pz.js Show response
gameforge.com/pz/ Frame 7831 12 KB
3 KB 75ms
75ms Script
application/javascript 104.22.14.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gameforge.com/pz/pz.js

Requested by

Host: gameforge.com
URL: https://gameforge.com/pz/pz-frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.14.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0c40ae03cd7ccdc02bb8665bb26ae61178a0e91660b606b089a87d2114ffba07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://gameforge.com/pz/pz-frame.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 23:43:24 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: HIT
age: 1251
x-powered-by: Express
status: 200
cf-request-id: 02b204f6ed0000fa6469888200000001
last-modified: Thu, 26 Mar 2020 11:32:55 GMT
server: cloudflare
etag: W/"30cb-171169dd658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: Content-Type,Authorization
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 59303dd17afcfa64-AMS

GET
H/1.1 200
OK cookie.min.js Show response
s3-static.geo.gfsrv.net/cookiebanner/1.1.0/ 19 KB
7 KB 152ms
50ms Script
text/javascript 79.110.86.107
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-static.geo.gfsrv.net/cookiebanner/1.1.0/cookie.min.js
Requested by: Host: gameforge.com
URL: https://gameforge.com/pz/pz-bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.86.107 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS: s172.gfsrv.net
Software: nginx /
Resource Hash: 1b51aab382efdcb59f97458e47c0a8fd3d42e357cb5f3605289347a1a750f254

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Mar 2020 08:51:19 GMT
Server: nginx
ETag: W/"3fd3dba91efd76eaf756ed4b2458f438"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 14 May 2020 02:43:24 GMT

GET
H/1.1 200
OK al.php Show response
ads-delivery.gameforge.com/ 440 B
784 B 224ms
55ms Script
application/x-javascript 79.110.87.202
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-delivery.gameforge.com/al.php?zoneid=2469&target=_blank&layerstyle=gameforge&align=right&valign=top&shifth=30&shiftv=80&closebutton=f
Requested by: Host: gameforge.com
URL: https://gameforge.com/js/app.6a57.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.87.202 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS: delivery.ads.gfsrv.net
Software: Apache /
Resource Hash: 53bcddbc94f790a2cb96b4ea58402f08c6ec76217cd80aebfb45a2da84180206

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 May 2020 23:43:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Content-Length: 305
Expires: 0

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/script/ 96 B
514 B 63ms
60ms Script
text/javascript 18.130.114.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/script/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/snare.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.130.114.88 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-130-114-88.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e1afd51ae5981cf30c62f432c4d9d530ef3fb244f55d03b0c5a749988cd620b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 13 May 2021 23:43:24 GMT

GET
H/1.1 200
OK us.json Show response
s3-static.geo.gfsrv.net/cookiebanner/1.1.0/localization/ 11 KB
4 KB 63ms
62ms XHR
application/json 79.110.86.107
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-static.geo.gfsrv.net/cookiebanner/1.1.0/localization/us.json
Requested by: Host: s3-static.geo.gfsrv.net
URL: https://s3-static.geo.gfsrv.net/cookiebanner/1.1.0/cookie.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.86.107 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS: s172.gfsrv.net
Software: nginx /
Resource Hash: c061e5d26e4721116a1d672248bf5c0e3b58765ba01865e0631e5070eb937575

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Mar 2020 08:51:19 GMT
Server: nginx
ETag: W/"b05024f387b97c23f83d47f64a3c5626"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 14 May 2020 02:43:24 GMT

GET
H/1.1 200
OK cookieList.json Show response
s3-static.geo.gfsrv.net/cookiebanner/1.1.0/ 10 KB
1 KB 114ms
49ms XHR
application/json 79.110.86.107
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-static.geo.gfsrv.net/cookiebanner/1.1.0/cookieList.json
Requested by: Host: s3-static.geo.gfsrv.net
URL: https://s3-static.geo.gfsrv.net/cookiebanner/1.1.0/cookie.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.86.107 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS: s172.gfsrv.net
Software: nginx /
Resource Hash: 3a4da5d184ddc53a65fa5f575d21602fa800a763e700f042ac6ba0f9c7ede86c

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Mar 2020 08:51:19 GMT
Server: nginx
ETag: W/"2d1e828cba7ff1e8790752cba3e991e1"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 14 May 2020 02:43:24 GMT

GET
H/1.1 200
OK E6gg7P33.js Show response
pixelzirkus.gameforge.com/static/js/ Frame DF67 4 KB
2 KB 344ms
55ms Script
application/javascript 79.110.82.166
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixelzirkus.gameforge.com/static/js/E6gg7P33.js
Requested by: Host: gameforge.com
URL: https://gameforge.com/pz/pz.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.82.166 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 61e230186558ae1ec0f5aadde95e171280a1a705439a5352f90e91ccbd7c82c4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Aug 2018 07:34:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 12 Jun 2020 23:43:25 GMT

GET
H2 200 modules-v57.js Show response
my.hellobar.com/ 133 KB
37 KB 8ms
7ms Script
text/javascript 2600:9000:20eb:a00:0:93e4:a640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules-v57.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/5aae8d79e57c881571580bf2d3f4e5c5a490ea12.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:a00:0:93e4:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 770a97d5e6f67c79c5512c2f87e313acbb36a95c1478389e957b879b897d26cd

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 17:02:44 GMT
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 08:44:25 GMT
server: AmazonS3
age: 1233641
etag: "81d29a76abc91258e7d7a48c758c71a2"
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: must-revalidate, proxy-revalidate, max-age=31557600, s-maxage=31557600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 37382
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-id: JYCPyHLGN2xhVE2G4MQCyWwKYYRkwS7f5Fs14RwyvtZzl2GPMfoiPQ==

GET
H/1.1 200
OK lg.php
ads-delivery.gameforge.com/ 43 B
444 B 224ms
55ms Image
image/gif 79.110.87.202
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-delivery.gameforge.com/lg.php?bannerid=0&campaignid=0&zoneid=2469&loc=https%3A%2F%2Fgameforge.com%2Fen-GB%2Fplay%2Fnostale&cb=4dbc6532bb
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.87.202 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS: delivery.ads.gfsrv.net
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 May 2020 23:43:25 GMT
Server: Apache
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ 261 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23f3d19861e7f5385f44afe71219d7de988b7cb838cfdfa98821b7bbc2135e06

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 641 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88ed0c9c52b66fe8f78d03ea5e3f72308e246b373c4483fae2f93d42e857b587

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK gf_logo.png
gf1.geo.gfsrv.net/static/cookie-banner/2018052311/cookie_policy/img/ 5 KB
5 KB 397ms
55ms Image
image/png 79.110.86.107
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gf1.geo.gfsrv.net/static/cookie-banner/2018052311/cookie_policy/img/gf_logo.png
Requested by: Host: gameforge.com
URL: https://gameforge.com/en-GB/play/nostale
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.86.107 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS: s172.gfsrv.net
Software: nginx /
Resource Hash: b79fbc6caa9250a6ef96d6d0eb59f02d94603615fab79eb2b270aad43a84dcdb

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:25 GMT
Last-Modified: Fri, 18 May 2018 11:49:19 GMT
Server: nginx
ETag: "5afebdbf-13ac"
X-Cache-Status: HIT
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=7776000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5036
Expires: Tue, 21 Aug 2018 09:52:06 GMT

POST
H/1.1 200
OK Cookie set simple Show response
pixelzirkus.gameforge.com/do/ Frame DF67 0
494 B 63ms
62ms Document
text/plain 79.110.82.166
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixelzirkus.gameforge.com/do/simple
Requested by: Host: fast-redirecting.com
URL: https://fast-redirecting.com/sl/4a79a137?utm_source=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.82.166 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: pixelzirkus.gameforge.com
Connection: keep-alive
Content-Length: 263
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: https://gameforge.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: __cfduid=dddc7d6307b971a985a07497f29d0149a1589413403; gtm_internal=false
Upgrade-Insecure-Requests: 1
Origin: https://gameforge.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Wed, 13 May 2020 23:43:25 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: pc_idt=AAqR4WFs-395PE7n45Qb0FwbcwE3KRRC4DFES-pzFAc9dm701YlgmUUKOvfHE_RDleKBQm3SYh2WotHMa8UIyLnnnyZPQM09v8XNWM6PNfCyoD6AYohU_60TCQnyRP44krQ9GjsZMbPfJ7Rjw2WwuAF5vW4xjz4gjy04; path=/; domain=.gameforge.com; HttpOnly; Max-Age=31536000; Expires=Thu, 13-May-2021 23:43:25 GMT
Expires: Wed, 13 May 2020 23:43:24 GMT
Cache-Control: no-cache

GET
H/1.1 200
OK GT7h68ox.js Show response
pixelzirkus.gameforge.com/static/js/ Frame 5C6A 33 KB
11 KB 62ms
61ms Script
application/javascript 79.110.82.166
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixelzirkus.gameforge.com/static/js/GT7h68ox.js
Requested by: Host: gameforge.com
URL: https://gameforge.com/pz/pz.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.82.166 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 08c3d5512e7766e9068ddd60328704f451150039955a271710ff74650bc33464

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 23:43:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Aug 2018 07:34:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 12 Jun 2020 23:43:25 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
101 B 11ms
10ms Image
image/gif 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&aip=1&a=1953884703&t=timing&_s=2&dl=https%3A%2F%2Fgameforge.com%2Fen-GB%2Fplay%2Fnostale&dr=http%3A%2F%2Fpix.excelead.net%2Fjump%2F%3Fjl%3D5715192&dp=%2Fen-GB%2Fplay%2Fnostale&dh=gameforge.com&ul=en-us&de=UTF-8&dt=NosTale&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3593&pdt=54&dns=8&rrt=1426&srt=75&tcp=130&dit=1893&clt=1893&_gst=1801&_gbt=1818&_cst=1669&_cbt=1788&_u=aHgAiAADB~&jid=545387452&gjid=1295507554&cid=964930543.1589413403&tid=UA-141679886-4&_gid=732549534.1589413404&gtm=2wg561THNP3BQ&cd3=GB&cd4=en&cd5=nostale&cd6=product-page&cd7=browser&cd14=964930543.1589413403&cd17=live&cd18=spa&z=104436630

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Apr 2020 12:29:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2805212
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-141679886-4&cid=964930543.1589413403&jid=545387452&gjid=1295507554&_gid=732549534.1589413404&_u=aHgAiAADB~&z=521767397
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141679886-4&cid=964930543.1589413403&jid=545387452&_v=j82&z=521767397
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141679886-4&cid=964930543.1589413403&jid=545387452&_v=j82&z=521767397&slf_rd=1&random=1161112091

42 B
106 B

16ms
16ms

Image
image/gif

2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141679886-4&cid=964930543.1589413403&jid=545387452&_v=j82&z=521767397&slf_rd=1&random=1161112091

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gameforge.com/en-GB/play/nostale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 May 2020 23:43:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 May 2020 23:43:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141679886-4&cid=964930543.1589413403&jid=545387452&_v=j82&z=521767397&slf_rd=1&random=1161112091
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK Cookie set simple Show response
pixelzirkus.gameforge.com/do/ Frame 5C6A 0
494 B 93ms
93ms Document
text/plain 79.110.82.166
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixelzirkus.gameforge.com/do/simple
Requested by: Host: fast-redirecting.com
URL: https://fast-redirecting.com/sl/4a79a137?utm_source=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.82.166 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: pixelzirkus.gameforge.com
Connection: keep-alive
Content-Length: 327
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: https://gameforge.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: __cfduid=dddc7d6307b971a985a07497f29d0149a1589413403; gtm_internal=false; pc_idt=AAqR4WFs-395PE7n45Qb0FwbcwE3KRRC4DFES-pzFAc9dm701YlgmUUKOvfHE_RDleKBQm3SYh2WotHMa8UIyLnnnyZPQM09v8XNWM6PNfCyoD6AYohU_60TCQnyRP44krQ9GjsZMbPfJ7Rjw2WwuAF5vW4xjz4gjy04
Upgrade-Insecure-Requests: 1
Origin: https://gameforge.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Wed, 13 May 2020 23:43:25 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: pc_idt=AAqR4WFs-395PE7n45Qb0FwbcwE3KRRC4DFES-pzFAc9dm701YlgmUUKOvfHE_RDleKBQm3SYh2WotHMa8UIyLnnnyZPQM09v8XNWM6PNfCyoD6AYohU_60TCQnyRP44krQ9GjsZMbPfJ7Rjw2WwuAF5vW4xjz4gjy04; path=/; domain=.gameforge.com; HttpOnly; Max-Age=31536000; Expires=Thu, 13-May-2021 23:43:25 GMT
Expires: Wed, 13 May 2020 23:43:24 GMT
Cache-Control: no-cache

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gameforge.com/	1970-01-19 18:15:49	Name: pc_idt Value: AAqR4WFs-395PE7n45Qb0FwbcwE3KRRC4DFES-pzFAc9dm701YlgmUUKOvfHE_RDleKBQm3SYh2WotHMa8UIyLnnnyZPQM09v8XNWM6PNfCyoD6AYohU_60TCQnyRP44krQ9GjsZMbPfJ7Rjw2WwuAF5vW4xjz4gjy04
.gameforge.com/	1970-01-19 10:13:25	Name: gtm_internal Value: false
.gameforge.com/	1970-01-19 10:13:25	Name: __cfduid Value: dddc7d6307b971a985a07497f29d0149a1589413403

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://gameforge.com/js/app.6a57.js(Line 1) Message: Locale changed to: en-GB
console-api	info	URL: https://gameforge.com/js/app.6a57.js(Line 1) Message: [GTM] Pushing data layer product-page [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads-delivery.gameforge.com
ads.ad4game.com
analytics-udg.netdna-ssl.com
c.redirect750.us
dekor.beautyt.site
en.nostale.gameforge.com
ext.nonstoppartner.net
fast-redirecting.com
gameforge.com
gardendecor.space
gf1.geo.gfsrv.net
mpsnare.iesnare.com
my.hellobar.com
network.52441.com
pinaboutall.com
pix.excelead.net
pixelzirkus.gameforge.com
ranewita.com
s3-static.geo.gfsrv.net
secure-asset-delivery.gameforge.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
yltenim.com
104.22.14.121
104.24.123.224
116.202.209.183
139.162.118.155
139.162.172.221
151.139.239.32
18.130.114.88
192.207.255.147
198.143.165.221
2600:9000:20eb:a00:0:93e4:a640:93a1
2a00:1450:4001:808::2004
2a00:1450:4001:819::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:824::2003
2a00:1450:400c:c06::9a
2a02:26f0:6c00::210:baba
5.189.188.165
52.200.174.146
78.46.85.162
79.110.82.166
79.110.84.82
79.110.86.107
79.110.87.202
0198d220ed1b844f92f1bde4a00a5084bda74803f7016e8f5157e6ee24ffb873
0469227fa230db0b0ed292423d49eea1821ad6ab67319235531c19e9e05c6128
0685b2d5b247e0f29152283ab4d55b5553b926194dc480a0c3f817f6fee48e85
08c3d5512e7766e9068ddd60328704f451150039955a271710ff74650bc33464
09f6c1e491fed2aa9bd7f359b47daa1dd98fb0db4548c7ef3762de89b1d9a78d
0b561fd56d375b2c3cce7b5ce73605d405291ce2cbb1ac016945384fc5ea68e5
0c40ae03cd7ccdc02bb8665bb26ae61178a0e91660b606b089a87d2114ffba07
16bb3d8fb5c371c9e4fa6b5f313c0a5e2edd911c0ce6d0f9c3cee01e9560a2b3
1a1f5d531b16f2cf16ab4968fdee5f731c50294783d15087bf0fc55079522738
1b51aab382efdcb59f97458e47c0a8fd3d42e357cb5f3605289347a1a750f254
1c0da02d25206348606b7c9f7d714f9d365fe6895a08a85730797d8a6328b496
23f3d19861e7f5385f44afe71219d7de988b7cb838cfdfa98821b7bbc2135e06
254949a26416efbba88dae7a2c372b87e015ec75360b82f9935b549f2bc19a3d
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
35eb2272bbba9d57a19ea29bfea918bd6571b329e606b16a2f35c72d95b114b1
361620ea4764f300ca3ad3e0332b8c72d2eeca560ed7f3d973057d0d9647c0bc
3a4da5d184ddc53a65fa5f575d21602fa800a763e700f042ac6ba0f9c7ede86c
4656caa5868bdd56b5903d1a67723f85a8b164ea13a6444b20c12671fc5002ec
497053fce9bddf8c3306bbeca39dbe04a0602e7500bc5ee55fb0cdccb4acf7b8
4ba8fe9e9cef5c437b4685ca79b56b276dd5152ad1a961722e44f78a7600e577
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
520e96c62c39c9fe7bd56f2f82f8ad52013996130832c70c24f282e75fbb9517
53bcddbc94f790a2cb96b4ea58402f08c6ec76217cd80aebfb45a2da84180206
54eda386d7d8c7efdf22bf74e0cf769d4cc0ea299079263c7fd0e9e9eb89087c
5e80326b6cf36a89c3ddf6776044212f2ccd36e5b9ae2d5cd135ac682f9fad90
61e230186558ae1ec0f5aadde95e171280a1a705439a5352f90e91ccbd7c82c4
6a2f4003a98a3d8b367702823291c5e43078623288deff831d9d83c8f2db9b16
734bd31b8e1b4cf4500b8a37a30d435d99f4e329fb9b3bb5de87892dae09d202
74db57644711b01e7f47059d69861a17bc563ba69913a19cc6bf9bcfea4513d2
770a97d5e6f67c79c5512c2f87e313acbb36a95c1478389e957b879b897d26cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
877b0bf9846fc0126b9f6f22e1d10d0a8b346f84e104107ddf96c424b4fbd904
88ed0c9c52b66fe8f78d03ea5e3f72308e246b373c4483fae2f93d42e857b587
a5cb48ed3578c85997eaf1f6809905aa71fb94b960e50debad261ba521b5375c
b2514905e83208a4a58f0095fd980d143797db4bb05cc59d5ec83a041c8460e4
b28ce008e6d268dfebdbebb51de1c770e61963d111a05f5abd09b65772cb73ad
b79fbc6caa9250a6ef96d6d0eb59f02d94603615fab79eb2b270aad43a84dcdb
b7dc88d48a67bb7a0912c1042bd0461e36b7557ba274088707788ae4bfafed78
ba331fd29c240a0bcdd46ea35a4798d8bdb5d7f89498f798b69d372295a23b21
bd7ca95e0d131e847aaf8e9719e3fe71849df51ca886e48819a76ef6fb4bd73e
c061e5d26e4721116a1d672248bf5c0e3b58765ba01865e0631e5070eb937575
c3da5e60f548782922823d2eaeaf7853b2c3d47b24f0a5c0aa1c9f03cdcd89f0
c5a31da9236229e56d39dc9b3a733d24518fc592d4081912067bb7f966f8b8ce
c677a62153678e97c93a87b84a2c0c3e9e44f1cee4584e07cf5f7c9404232fa3
c6f2f77a03f12b1a03a58f305dba0ebe8e9b5383faf768db1d0f6a8129da3d2a
d3773cf9d2cff6a730c64c7fcd4b78d8119fbc05e791648e7523cdfd24c5aa87
e1afd51ae5981cf30c62f432c4d9d530ef3fb244f55d03b0c5a749988cd620b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eae2662023b025d8d0e651af023bcd88902786a9d97b99431dce0bae473fbf92
ecb2f98eed5cb8da6034f182d158f19cfd8ee56aa79de0fd8ff573c009a4d221
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efed9e4f2e6eb2f8739675d1dc76b36d414810d403612ba7897584cd6253ff5f
f092ba5868a2cec970d4e985ff8b68eb9270c5fd43d84e69ea207149a51157ee

gameforge.com Open in urlscan Pro 104.22.14.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

93 %HTTPS

30 %IPv6

21 Domains

26 Subdomains

17 IPs

6 Countries

2704 kBTransfer

6530 kBSize

3 Cookies

19 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gameforge.com Open in urlscan Pro
104.22.14.121 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

93 %
HTTPS

30 %
IPv6

21
Domains

26
Subdomains

17
IPs

6
Countries

2704 kB
Transfer

6530 kB
Size

3
Cookies

58 HTTP transactions
2 data transactions