pm-pc.forestgame.me Open in urlscan Pro
43.153.39.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pm-pc.forestgame.me/
Effective URL:
https://pm-pc.forestgame.me/
Submission: On May 01 via api (May 1st 2024, 7:28:30 am UTC) from US — Scanned from DE

Summary HTTP 32 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 32 HTTP transactions. The main IP is 43.153.39.111, located in United States and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is pm-pc.forestgame.me.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on September 5th 2023. Valid for: a year.

This is the only time pm-pc.forestgame.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	43.153.39.111 43.153.39.111	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	139.217.98.89 139.217.98.89	58593 (BLUECLOUD...) (BLUECLOUD Shanghai Blue Cloud Technology Co.)
2	172.67.200.71 172.67.200.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	7

11 43.153.39.111 (United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

pm-pc.forestgame.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sdk.herollgame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

gamesource-smbb.forestgame.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.217.98.89 (Beijing, China)

ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN)

api.mguwp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.200.71 (United States)

ASN13335 (CLOUDFLARENET, US)

res.herollgame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	forestgame.me pm-pc.forestgame.me gamesource-smbb.forestgame.me	2 MB
4	mguwp.net api.mguwp.net	114 KB
3	herollgame.com sdk.herollgame.com res.herollgame.com	108 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	71 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	274 B
32	5

	Domain	Requested by
10	pm-pc.forestgame.me	pm-pc.forestgame.me
9	gamesource-smbb.forestgame.me	pm-pc.forestgame.me gamesource-smbb.forestgame.me
4	api.mguwp.net	gamesource-smbb.forestgame.me api.mguwp.net
2	res.herollgame.com	gamesource-smbb.forestgame.me
2	connect.facebook.net	pm-pc.forestgame.me connect.facebook.net
1	www.facebook.com	pm-pc.forestgame.me
1	sdk.herollgame.com	pm-pc.forestgame.me
32	7

This site contains links to these domains. Also see Links.

Domain
discord.gg

Subject Issuer	Validity	Valid
pm-pc.forestgame.me TrustAsia RSA DV TLS CA G2	`2023-09-05` - `2024-09-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-09` - `2024-05-08`	3 months	crt.sh
forestgame.me GTS CA 1P5	`2024-04-21` - `2024-07-20`	3 months	crt.sh
sdk.herollgame.com TrustAsia RSA DV TLS CA G2	`2023-06-12` - `2024-06-11`	a year	crt.sh
api.mguwp.net TrustAsia RSA DV TLS CA G2	`2024-03-26` - `2025-04-08`	a year	crt.sh
herollgame.com E1	`2024-04-02` - `2024-07-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://pm-pc.forestgame.me/
Frame ID: 67323E7D69B137F34667AFF750D97C10
Requests: 14 HTTP requests in this frame

Frame: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Frame ID: 333389A65B16C24BC6B1A938133B281A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pokemon Mega Ⅱ

Page URL History Show full URLs

http://pm-pc.forestgame.me/ HTTP 307
https://pm-pc.forestgame.me/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

91 %
HTTPS

33 %
IPv6

5
Domains

7
Subdomains

7
IPs

4
Countries

2563 kB
Transfer

8287 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/EFaJ5rzXFK
Title: Discord

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pm-pc.forestgame.me/ HTTP 307
https://pm-pc.forestgame.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pm-pc.forestgame.me/
Redirect Chain

http://pm-pc.forestgame.me/
https://pm-pc.forestgame.me/

7 KB
3 KB

569ms
184ms

Document
text/html

43.153.39.111
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://pm-pc.forestgame.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.153.39.111 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

858dc931f1fddb9b5f0cd9c342075ff30d342d61fbcd5465fb04be645224fe65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 01 May 2024 07:28:23 GMT
etag: W/"652fa0b8-1dea"
last-modified: Wed, 18 Oct 2023 09:09:12 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

Location: https://pm-pc.forestgame.me/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 index.css
pm-pc.forestgame.me/css/ 10 KB
3 KB 186ms
184ms Stylesheet
text/css 43.153.39.111
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://pm-pc.forestgame.me/css/index.css

Requested by

Host: pm-pc.forestgame.me
URL: https://pm-pc.forestgame.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.153.39.111 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

54e5c0729aae2f73122309847a97841a83e8ca6b723b22dc698de6ea2b7b135b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pm-pc.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 14:13:55 GMT
server: nginx
etag: W/"64f9daa3-260e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 01 May 2024 19:28:23 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
pm-pc.forestgame.me/js/ 262 KB
90 KB 369ms
368ms Script
application/javascript 43.153.39.111
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://pm-pc.forestgame.me/js/jquery-3.2.1.min.js

Requested by

Host: pm-pc.forestgame.me
URL: https://pm-pc.forestgame.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.153.39.111 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pm-pc.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 14:13:51 GMT
server: nginx
etag: W/"64f9da9f-41707"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 01 May 2024 19:28:23 GMT

GET
H2 200 index.min.js Show response
pm-pc.forestgame.me/js/ 23 KB
10 KB 555ms
553ms Script
application/javascript 43.153.39.111
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://pm-pc.forestgame.me/js/index.min.js

Requested by

Host: pm-pc.forestgame.me
URL: https://pm-pc.forestgame.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.153.39.111 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

37a6fa6d711609a6fa97d750f58ace516d80ca39064ddf75bd595c29e2ec8cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pm-pc.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 18 Oct 2023 09:09:00 GMT
server: nginx
etag: W/"652fa0ac-5bae"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 01 May 2024 19:28:23 GMT

GET
H2 200 xdsdk-help.js Show response
pm-pc.forestgame.me/js/ 2 KB
659 B 555ms
553ms Script
application/javascript 43.153.39.111
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://pm-pc.forestgame.me/js/xdsdk-help.js

Requested by

Host: pm-pc.forestgame.me
URL: https://pm-pc.forestgame.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.153.39.111 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

639b9dd8d05436a6455703aa9d7cd813361eb11916b7237a2ccfdce4bb314e99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pm-pc.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 14:13:51 GMT
server: nginx
etag: W/"64f9da9f-730"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 01 May 2024 19:28:23 GMT

GET
H2 200 m-qrcode.png
pm-pc.forestgame.me/img/ 20 KB
20 KB 555ms
554ms Image
image/png 43.153.39.111
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pm-pc.forestgame.me/img/m-qrcode.png

Requested by

Host: pm-pc.forestgame.me
URL: https://pm-pc.forestgame.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.153.39.111 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

7b1d415e16d4b0e50da7432c30c9a81fd6dc568d7d1a20b999452869988edf39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pm-pc.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:23 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 13 Sep 2023 14:50:48 GMT
server: nginx
etag: "6501cc48-4fc1"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 20417
expires: Fri, 31 May 2024 07:28:23 GMT

GET
H2 200 box.png
pm-pc.forestgame.me/img/ 22 KB
22 KB 555ms
554ms Image
image/png 43.153.39.111
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pm-pc.forestgame.me/img/box.png

Requested by

Host: pm-pc.forestgame.me
URL: https://pm-pc.forestgame.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.153.39.111 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

33b0579afae2fef57f54c166de4e987d9ba464a09420fda993857ca9a022a519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pm-pc.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:23 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 07 Sep 2023 14:13:40 GMT
server: nginx
etag: "64f9da94-5770"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22384
expires: Fri, 31 May 2024 07:28:23 GMT

GET
H2 200 bg.jpg
pm-pc.forestgame.me/img/ 261 KB
261 KB 185ms
185ms Image
image/jpeg 43.153.39.111
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pm-pc.forestgame.me/img/bg.jpg

Requested by

Host: pm-pc.forestgame.me
URL: https://pm-pc.forestgame.me/css/index.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.153.39.111 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

f18d46e7536a363108c0b7d7f0e97112ae7350913f566df9376f0224f66042b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pm-pc.forestgame.me/css/index.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 07 Sep 2023 14:13:38 GMT
server: nginx
etag: "64f9da92-412f4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 266996
expires: Fri, 31 May 2024 07:28:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 128ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pm-pc.forestgame.me
URL: https://pm-pc.forestgame.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

713601c1e3e76d39801d007a718d2b536a7a081e31a51f22e99ff96d58e988e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pm-pc.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 May 2024 07:28:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57855
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 1fmaYHZfGtJUUwnzwdC6kDcFp6vIvZz+60GY8ootsluNWNOyUmJmal3+voN2mZ13x+LXreaYMxYizT8J7c3Jww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe-border.png
pm-pc.forestgame.me/img/ 383 KB
384 KB 364ms
364ms Image
image/png 43.153.39.111
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pm-pc.forestgame.me/img/iframe-border.png

Requested by

Host: pm-pc.forestgame.me
URL: https://pm-pc.forestgame.me/css/index.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.153.39.111 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

28bb48e27087beda65f458f7368e739541b88a71cf75129d15578af8631e9214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pm-pc.forestgame.me/css/index.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 07 Sep 2023 14:13:47 GMT
server: nginx
etag: "64f9da9b-5fc44"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 392260
expires: Fri, 31 May 2024 07:28:24 GMT

GET
H2 200 icon-sprites.png
pm-pc.forestgame.me/img/ 32 KB
32 KB 364ms
364ms Image
image/png 43.153.39.111
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pm-pc.forestgame.me/img/icon-sprites.png

Requested by

Host: pm-pc.forestgame.me
URL: https://pm-pc.forestgame.me/css/index.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.153.39.111 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

72583e7bd38e9dd993eedbf230b2e5f06110a9b0b04f238fa56ede656a809fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pm-pc.forestgame.me/css/index.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 07 Sep 2023 14:13:44 GMT
server: nginx
etag: "64f9da98-8107"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33031
expires: Fri, 31 May 2024 07:28:24 GMT

GET
H3 200 sanwan9.html Show response
gamesource-smbb.forestgame.me/ Frame 3333 25 KB
7 KB 456ms
369ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Requested by: Host: pm-pc.forestgame.me
URL: https://pm-pc.forestgame.me/js/jquery-3.2.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1aa999f51b519b28a6cd80c27510a514d3b564d0f5a9691bc4d462ae3ffd9e4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pm-pc.forestgame.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 87ce0df90b1b5d7c-FRA
content-encoding: br
content-type: text/html
date: Wed, 01 May 2024 07:28:24 GMT
last-modified: Tue, 30 Apr 2024 14:57:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6h1%2Fk8mn3%2BUyx4lj0UFoAZgvBxmNxdRye06O%2FieNbKIt6bR2DoDDuGN4KZAxgRsr3V%2B5baVME9Dni8D8g6Hxdmo8CFtlpoDEn8YJuuKOuooUSO8PE6Ft0QXCGOAW3AgPt2%2BY7axRTmT3N%2FnpF812Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 siteTopDocs Show response
sdk.herollgame.com/gameSite/ 1 KB
1 KB 574ms
184ms XHR
application/json 43.153.39.111
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.herollgame.com/gameSite/siteTopDocs
Requested by: Host: pm-pc.forestgame.me
URL: https://pm-pc.forestgame.me/js/jquery-3.2.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.39.111 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx /
Resource Hash: 538f13ed02bdbceb522e6157dc491bf7277993a9de51e25814d2aa4e606a0592

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://pm-pc.forestgame.me/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://pm-pc.forestgame.me
date: Wed, 01 May 2024 07:28:24 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H2 200 685240500308159 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 169ms
167ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/685240500308159?v=2.9.154&r=stable&domain=pm-pc.forestgame.me&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7df4f858b32631e75355e5183789c8eaee70d56b70ad49cb0324e13adde989e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pm-pc.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 May 2024 07:28:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=64, mss=1294, tbw=63315, tp=-1, tpl=-1, uplat=128, ullat=0
pragma: public
x-fb-debug: QXS6jghXfkuCLQLqjfMCmINTMti/GkVqWu7H5IImFwS4lqJ0CrW3q7oYc6SGLq/Wg14LyTgf/UTcv/iNAcAd2w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 132ms
42ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=685240500308159&ev=PageView&dl=https%3A%2F%2Fpm-pc.forestgame.me%2F&rl=&if=false&ts=1714548504784&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714548504783.1027462688&ler=empty&cdl=API_unavailable&it=1714548504597&coo=false&rqm=GET

Requested by

Host: pm-pc.forestgame.me
URL: https://pm-pc.forestgame.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pm-pc.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 May 2024 07:28:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 black.css
gamesource-smbb.forestgame.me/static/res/ Frame 3333 2 KB
1 KB 66ms
64ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesource-smbb.forestgame.me/static/res/black.css
Requested by: Host: gamesource-smbb.forestgame.me
URL: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb018c60787c4f68707c1b65f81f00acc65a1aee832ca062da452b7a3730f32b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3359920
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Fri, 24 Nov 2023 09:18:49 GMT
server: cloudflare
etag: W/"65606a79-9b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jj1QzjRfzRqUVTdD%2BaiEnAreu%2FUAR7OjUGoYzZrFl1tqHeF6t5T63KdxolGwLWYH0GXomO15UepZpEti1sdGf2Ha%2BgC3nwk9%2FHoPCOyQ%2BKMMHZImniCGjj40REqBrjOp3Z%2BVHBbUl8BMIJkOtW1Ysw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=25920000
cf-ray: 87ce0dfb6d2d5d7c-FRA
expires: Fri, 17 Jan 2025 10:09:44 GMT

GET
H/1.1 200 websdk.js Show response
api.mguwp.net/web/ Frame 3333 9 KB
9 KB 762ms
245ms Script
application/javascript 139.217.98.89
BLUECLOUD Shangha...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mguwp.net/web/websdk.js
Requested by: Host: gamesource-smbb.forestgame.me
URL: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.217.98.89 Beijing, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN),
Reverse DNS
Software: nginx/1.13.6 /
Resource Hash: b99524ee37360154798e41de218c489c96851028cfeb5414858eb64f9b2c4216

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 07:28:25 GMT
Last-Modified: Fri, 02 Apr 2021 02:09:37 GMT
Server: nginx/1.13.6
ETag: W/"8790-1617329377000"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8790

GET
H3 200 jquery-3.2.1.min.js Show response
res.herollgame.com/js/ Frame 3333 85 KB
31 KB 120ms
58ms Script
application/javascript 172.67.200.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://res.herollgame.com/js/jquery-3.2.1.min.js

Requested by

Host: gamesource-smbb.forestgame.me
URL: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.200.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:24 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7652
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 28 Jul 2023 06:23:08 GMT
server: cloudflare
etag: W/"64c35ecc-15282"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOgNYn313UyPSK3UA3Dt5z5RwVpYYltG4zb%2FPa8izDLP72D63g6prNNZMGtxLr%2Fn6TTjnhhoX1GWknf3lbLY0%2BjQU9zOpTKP7kTK3VTHuMYvCsZePYknTqvXvEhSXb%2BONRZ%2Fnnk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 87ce0dfbcd8f5d4c-FRA
expires: Wed, 01 May 2024 17:20:52 GMT

GET
H3 200 xdsdk.min.js Show response
res.herollgame.com/js/ Frame 3333 307 KB
75 KB 160ms
98ms Script
application/javascript 172.67.200.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://res.herollgame.com/js/xdsdk.min.js

Requested by

Host: gamesource-smbb.forestgame.me
URL: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.200.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f30971fcd9c51f4a219cb994378289770f9bbdf95f1ca71d4ae31bef151f5adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:24 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7652
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 18 Oct 2023 10:53:53 GMT
server: cloudflare
etag: W/"652fb941-4cca6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rlJG8L3BHB25N2vp8JbeLxegcGNVwoQOYHu60vFDuoqcW7FDxUPAA9mCTg%2F2LoEq4A1vfY8gYURk9DQDngpNAksKn1%2BjFXNDqsNzlHAN62aLk0UROjcrshL7IdiumFiYlW6vVzc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 87ce0dfbcd905d4c-FRA
expires: Wed, 01 May 2024 17:20:52 GMT

GET
H3 200 loading_FZjyeq.js Show response
gamesource-smbb.forestgame.me/static/ Frame 3333 4 KB
2 KB 111ms
108ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesource-smbb.forestgame.me/static/loading_FZjyeq.js
Requested by: Host: gamesource-smbb.forestgame.me
URL: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ea52783baa313104e9d44d1d9545ae27d7b6851f25a2b44c68f5b1df13c29a7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3359920
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Fri, 24 Nov 2023 09:18:45 GMT
server: cloudflare
etag: W/"65606a75-ee7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QK3XJSc3ASCKp0nsFSFaeIzwGU9OLxuPUzGkDYz%2By20lVVk8PE970tbB1nlp4J5MotcV0FBclaNoHoCQQ7VNl%2BXjh1A%2BYzmhyujBhRMQ%2FrlEiAbwZX%2Fmk39zsemETHreYDq9w%2FMNPxU%2BmKwPg3GNLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=25920000
cf-ray: 87ce0dfbbd765d7c-FRA
expires: Fri, 17 Jan 2025 10:09:44 GMT

GET
H3 200 platformApi_r6Jneu.js Show response
gamesource-smbb.forestgame.me/static/sdk/sanwan9/ Frame 3333 3 KB
1 KB 103ms
101ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesource-smbb.forestgame.me/static/sdk/sanwan9/platformApi_r6Jneu.js
Requested by: Host: gamesource-smbb.forestgame.me
URL: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f085f37a70dc1f515840a22bcdba791085ecc8a72f331def75f3deb8da5e3728

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 436997
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Fri, 24 Nov 2023 09:18:45 GMT
server: cloudflare
etag: W/"65606a75-af3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1B4yZIws3UHuBobpOKd2YDA4o4%2FKCQJ80IBhkYATvKzJRCY3pfdBIv8mv%2FwM8SMMjccKtq9OJRO7qCx1VGoJnupMbzoEot3fR9M%2BNeRnhz6HXqnpbHh%2FtXv6KpFQ2FMweBgEbnFU3ULLEjJOg9uxOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=25920000
cf-ray: 87ce0dfbbd785d7c-FRA
expires: Thu, 20 Feb 2025 06:05:07 GMT

GET
H3 200 resource_3Eruyq_2404302247.js Show response
gamesource-smbb.forestgame.me/static/ Frame 3333 577 KB
137 KB 71ms
68ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesource-smbb.forestgame.me/static/resource_3Eruyq_2404302247.js
Requested by: Host: gamesource-smbb.forestgame.me
URL: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 172989e1a5eb1649a26b702652bcce5274fa921e4846ff600fba11afaba9c3aa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56127
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Tue, 30 Apr 2024 14:57:14 GMT
server: cloudflare
etag: W/"663106ca-23c67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWH%2BwxA7BMnmja9hPuQ%2F17btqF1yAPMXkunKf4TynwEYuQVmsNpcFIKLqqNm8du1oOzPzuyo%2Fm7hcg3nRekH66HmDVDRaUhU1RBzXx%2FLLq9EaeyGarp8rGa1Qr8icfMN77o9O7KCplBnA0MM%2FZpCIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=25920000
cf-ray: 87ce0dfb6d335d7c-FRA
expires: Mon, 24 Feb 2025 15:52:57 GMT

GET
H3 200 game.min_VBnmQr.js Show response
gamesource-smbb.forestgame.me/static/ Frame 3333 1 MB
303 KB 227ms
224ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesource-smbb.forestgame.me/static/game.min_VBnmQr.js
Requested by: Host: gamesource-smbb.forestgame.me
URL: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fe9a95dcf3886f68310b220714e805c8a62b9ede0ee8efd88eefbf52ab4b5ba

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3414797
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Fri, 24 Nov 2023 13:38:13 GMT
server: cloudflare
etag: W/"6560a745-4b632"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wEBFPYyduaxmzVEdMli%2FipNAYmdsLgO8zJcnyr9BMVYBbHL4fb6tjY7QMsyaHHLNYqJAWIegGTKHRw3gpleByYa1UsOTDRYhxqFoJvdT5ub5div98Wb5101xzH5ZTGAb3J9fodv3cC6khgygkv6THA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=25920000
cf-ray: 87ce0dfbbd6e5d7c-FRA
expires: Thu, 16 Jan 2025 18:55:06 GMT

GET
H3 200 main_AR3Mfe_2404302247.js Show response
gamesource-smbb.forestgame.me/static/ Frame 3333 5 MB
982 KB 299ms
297ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesource-smbb.forestgame.me/static/main_AR3Mfe_2404302247.js
Requested by: Host: gamesource-smbb.forestgame.me
URL: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83f0cdb5726253460beb36c7d3a420df8cc226becce23de74927d3611d32a647

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56127
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Tue, 30 Apr 2024 14:57:13 GMT
server: cloudflare
etag: W/"663106c9-100677"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BswvoJe7czRiC6TEqbqFTpMH3R%2FNfyxtO6zFvu%2F1cfcZtpjuF4My6Nak%2B4O%2F6zomsxmD5hBPYlYFVoHOE0eNOLuhXWjD9XWqmzCNJelEP4bu6rhAwWMiY6T15Bx9PhDl62WYXaT6W5JlPESM%2Fg6H0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=25920000
cf-ray: 87ce0dfbbd6f5d7c-FRA
expires: Mon, 24 Feb 2025 15:52:57 GMT

GET
H3 200 makeTranslate.js Show response
gamesource-smbb.forestgame.me/static/ Frame 3333 3 KB
1 KB 388ms
386ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesource-smbb.forestgame.me/static/makeTranslate.js
Requested by: Host: gamesource-smbb.forestgame.me
URL: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be6db212c391e8ef8813c028c725edc3388e7d256534d5e6519c2fce7299fcfe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 231689
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Fri, 24 Nov 2023 09:18:45 GMT
server: cloudflare
etag: W/"65606a75-cdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kvrfl7SgrCHn0eyAbBt6zgFTKqhZVN7iQELN6IiebrZPKlk0tE%2FRKCli6K0wBMhGC87pt4TjFml96D6TqRsWPVlgr5YfqC9Fo48bPxrnvzb4Uh6lOUDniX%2BKmlT9J1ECSnZYo4JE1yIegSQdfevexA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=25920000
cf-ray: 87ce0dfbbd715d7c-FRA
expires: Sat, 22 Feb 2025 15:06:55 GMT

GET
H3 200 hengpingqiehuan.png
gamesource-smbb.forestgame.me/static/res/ui/ Frame 3333 8 KB
8 KB 388ms
386ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamesource-smbb.forestgame.me/static/res/ui/hengpingqiehuan.png
Requested by: Host: gamesource-smbb.forestgame.me
URL: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37331c78edb62e2478a4187e25bbc969729d541bc572fdd5bab1f0884765c595

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/sanwan9.html?sdkType=sanwan9&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 07:28:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2218414
alt-svc: h3=":443"; ma=86400
content-length: 7831
pragma: public
last-modified: Fri, 24 Nov 2023 09:18:48 GMT
server: cloudflare
etag: "65606a78-1e97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xnzTSPf6qnC%2B5LeVDO1VVD2OgGOmEE%2BDVrndIP%2FF8BXi0HMUU4EbWmnhEW1aqOLCMfMuaINXsGtVHdlpV2OBb9WbDpgGi%2B6ZlKeiU6IMZW4sWGK3yIdQQfezu0PjGtnFHGHpjakC9ytH%2B0qw3HcA%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=25920000
accept-ranges: bytes
cf-ray: 87ce0dfbbd725d7c-FRA
expires: Thu, 30 Jan 2025 15:14:50 GMT

GET
H/1.1 200 cookies.js Show response
api.mguwp.net/web/ Frame 3333 1 KB
2 KB 3143ms
3142ms Script
application/javascript 139.217.98.89
BLUECLOUD Shangha...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mguwp.net/web/cookies.js
Requested by: Host: api.mguwp.net
URL: https://api.mguwp.net/web/websdk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.217.98.89 Beijing, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN),
Reverse DNS
Software: nginx/1.13.6 /
Resource Hash: 649145ca74cc4d5d2d2230943af3deee0f7ee46e3bd5201c29de8057e9024819

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 07:28:25 GMT
Last-Modified: Wed, 01 Jul 2020 10:10:29 GMT
Server: nginx/1.13.6
ETag: W/"1499-1593598229000"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1499

GET
H/1.1 200 jquery.js Show response
api.mguwp.net/js/jquery/ Frame 3333 82 KB
82 KB 4064ms
914ms Script
application/javascript 139.217.98.89
BLUECLOUD Shangha...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mguwp.net/js/jquery/jquery.js
Requested by: Host: api.mguwp.net
URL: https://api.mguwp.net/web/websdk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.217.98.89 Beijing, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN),
Reverse DNS
Software: nginx/1.13.6 /
Resource Hash: bc7d3e3e23a6d457068b75138244c3cc57a5e8b3aeef64ee8ad8c487f05394da

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 07:28:28 GMT
Last-Modified: Tue, 17 Jul 2018 10:19:07 GMT
Server: nginx/1.13.6
ETag: W/"83570-1531822747000"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83570

GET
H/1.1 200 layer.js Show response
api.mguwp.net/js/layer/ Frame 3333 22 KB
22 KB 4315ms
737ms Script
application/javascript 139.217.98.89
BLUECLOUD Shangha...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mguwp.net/js/layer/layer.js
Requested by: Host: api.mguwp.net
URL: https://api.mguwp.net/web/websdk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.217.98.89 Beijing, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN),
Reverse DNS
Software: nginx/1.13.6 /
Resource Hash: 1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gamesource-smbb.forestgame.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 07:28:29 GMT
Last-Modified: Tue, 17 Jul 2018 10:19:07 GMT
Server: nginx/1.13.6
ETag: W/"22116-1531822747000"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22116

GET base64.js
api.mguwp.net/web/ Frame 3333 0
0

GET mgwebsdk.js
api.mguwp.net/web/ Frame 3333 0
0

GET layer.css
api.mguwp.net/js/layer/theme/default/ Frame 3333 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.mguwp.net
URL: https://api.mguwp.net/web/base64.js

Domain: api.mguwp.net
URL: https://api.mguwp.net/web/mgwebsdk.js

Domain: api.mguwp.net
URL: https://api.mguwp.net/js/layer/theme/default/layer.css?v=3.1.1

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.forestgame.me/	1970-01-20 22:25:24	Name: _fbp Value: fb.1.1714548504783.1027462688

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/685240500308159?v=2.9.154&r=stable&domain=pm-pc.forestgame.me&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mguwp.net
connect.facebook.net
gamesource-smbb.forestgame.me
pm-pc.forestgame.me
res.herollgame.com
sdk.herollgame.com
www.facebook.com
api.mguwp.net
139.217.98.89
172.67.200.71
188.114.96.3
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
43.153.39.111
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
172989e1a5eb1649a26b702652bcce5274fa921e4846ff600fba11afaba9c3aa
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3
28bb48e27087beda65f458f7368e739541b88a71cf75129d15578af8631e9214
33b0579afae2fef57f54c166de4e987d9ba464a09420fda993857ca9a022a519
37331c78edb62e2478a4187e25bbc969729d541bc572fdd5bab1f0884765c595
37a6fa6d711609a6fa97d750f58ace516d80ca39064ddf75bd595c29e2ec8cef
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
4ea52783baa313104e9d44d1d9545ae27d7b6851f25a2b44c68f5b1df13c29a7
538f13ed02bdbceb522e6157dc491bf7277993a9de51e25814d2aa4e606a0592
54e5c0729aae2f73122309847a97841a83e8ca6b723b22dc698de6ea2b7b135b
639b9dd8d05436a6455703aa9d7cd813361eb11916b7237a2ccfdce4bb314e99
649145ca74cc4d5d2d2230943af3deee0f7ee46e3bd5201c29de8057e9024819
6fe9a95dcf3886f68310b220714e805c8a62b9ede0ee8efd88eefbf52ab4b5ba
713601c1e3e76d39801d007a718d2b536a7a081e31a51f22e99ff96d58e988e2
72583e7bd38e9dd993eedbf230b2e5f06110a9b0b04f238fa56ede656a809fe8
7b1d415e16d4b0e50da7432c30c9a81fd6dc568d7d1a20b999452869988edf39
7df4f858b32631e75355e5183789c8eaee70d56b70ad49cb0324e13adde989e1
83f0cdb5726253460beb36c7d3a420df8cc226becce23de74927d3611d32a647
858dc931f1fddb9b5f0cd9c342075ff30d342d61fbcd5465fb04be645224fe65
b99524ee37360154798e41de218c489c96851028cfeb5414858eb64f9b2c4216
bc7d3e3e23a6d457068b75138244c3cc57a5e8b3aeef64ee8ad8c487f05394da
be6db212c391e8ef8813c028c725edc3388e7d256534d5e6519c2fce7299fcfe
d1aa999f51b519b28a6cd80c27510a514d3b564d0f5a9691bc4d462ae3ffd9e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb018c60787c4f68707c1b65f81f00acc65a1aee832ca062da452b7a3730f32b
f085f37a70dc1f515840a22bcdba791085ecc8a72f331def75f3deb8da5e3728
f18d46e7536a363108c0b7d7f0e97112ae7350913f566df9376f0224f66042b4
f30971fcd9c51f4a219cb994378289770f9bbdf95f1ca71d4ae31bef151f5adb

pm-pc.forestgame.me Open in urlscan Pro 43.153.39.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

91 %HTTPS

33 %IPv6

5 Domains

7 Subdomains

7 IPs

4 Countries

2563 kBTransfer

8287 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pm-pc.forestgame.me Open in urlscan Pro
43.153.39.111 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

91 %
HTTPS

33 %
IPv6

5
Domains

7
Subdomains

7
IPs

4
Countries

2563 kB
Transfer

8287 kB
Size

1
Cookies

32 HTTP transactions
0 data transactions