urlscan.io logo urlscan.io
SecurityTrails logo

plarium.com Open in urlscan Pro
104.16.21.18  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://all-tcod.com/clicks/MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExMmI0MGM3NzY1MzdlZmU3N...
Effective URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554...
Submission: On March 25 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 38 IPs in 8 countries across 31 domains to perform 87 HTTP transactions. The main IP is 104.16.21.18, located in United States and belongs to CLOUDFLARENET, US. The main domain is plarium.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 5th 2020. Valid for: 2 years.
This is the only time plarium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 193.200.64.20 6681 (GIVEME-CLOUD)
1 1 193.200.64.30 6681 (GIVEME-CLOUD)
1 1 185.137.235.9 49505 (SELECTEL)
2 3 52.210.2.133 16509 (AMAZON-02)
5 104.16.21.18 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
25 2606:2800:134... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 184.30.25.80 16625 (AKAMAI-AS)
1 151.101.13.44 54113 (FASTLY)
1 13.226.156.44 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
2 64.202.112.127 23352 (SERVERCEN...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 151.101.113.140 54113 (FASTLY)
3 7 2a02:6b8::1:119 13238 (YANDEX)
1 35.201.112.186 15169 (GOOGLE)
1 13.226.156.21 16509 (AMAZON-02)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 184.72.189.105 14618 (AMAZON-AES)
1 207.182.155.98 10297 (ENET-2)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.185.134 15169 (GOOGLE)
1 35.186.194.58 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 69.16.175.10 20446 (HIGHWINDS3)
1 2a03:2880:f01... 32934 (FACEBOOK)
87 38
1    193.200.64.20 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: etarg.network
all-tcod.com
1    193.200.64.30 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: cpabeta.com
playtator.xyz
1    185.137.235.9 (Russian Federation)

ASN49505 (SELECTEL, RU)
r.advg.agency
3    52.210.2.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com
gamesvid.go2cloud.org
5    104.16.21.18 (United States)

ASN13335 (CLOUDFLARENET, US)
plarium.com
collector.plarium.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
25    2606:2800:134:f5b:5e9:1832:1d32:106a (United States)

ASN15133 (EDGECAST, US)
cdn01.x-plarium.com
3    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2057:a000:1c:19e4:1d00:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.queit.in
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6813:ad44 (United States)

ASN13335 (CLOUDFLARENET, US)
static.x-plarium.com
2    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
1    184.30.25.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-80.deploy.static.akamaitechnologies.com
amplify.outbrain.com
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
1    13.226.156.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-44.dus51.r.cloudfront.net
d2xerlamkztbb1.cloudfront.net
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
2    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
4    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.redditstatic.com
alb.reddit.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
1    35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    13.226.156.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-21.dus51.r.cloudfront.net
d221oziut8gs4d.cloudfront.net
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    184.72.189.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-189-105.compute-1.amazonaws.com
default.queit.in
1    207.182.155.98 (United States)

ASN10297 (ENET-2, US)
PTR: 207-182-155-98.xlhdns.com
mbi-fchk.x-plarium.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
9360814.fls.doubleclick.net
1    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
www.swixil.com
1    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
Apex Domain
Subdomains		 Transfer
27 x-plarium.com
cdn01.x-plarium.com
static.x-plarium.com
mbi-fchk.x-plarium.com
1 MB
6 google.com
analytics.google.com
www.google.com
adservice.google.com
827 B
6 doubleclick.net
googleads.g.doubleclick.net
9360814.fls.doubleclick.net
stats.g.doubleclick.net
3 KB
5 yandex.com
mc.yandex.com
2 KB
5 plarium.com
plarium.com
collector.plarium.com
22 KB
4 google.de
www.google.de
368 B
4 google-analytics.com
www.google-analytics.com
19 KB
3 outbrain.com
amplify.outbrain.com
tr.outbrain.com
4 KB
3 queit.in
static.queit.in
default.queit.in
85 KB
3 googletagmanager.com
www.googletagmanager.com
152 KB
3 go2cloud.org
gamesvid.go2cloud.org
3 KB
2 criteo.com
gum.criteo.com
778 B
2 fullstory.com
edge.fullstory.com
rs.fullstory.com
60 KB
2 yandex.ru
mc.yandex.ru
44 KB
2 bing.com
bat.bing.com
9 KB
2 gstatic.com
fonts.gstatic.com
30 KB
2 cloudfront.net
d2xerlamkztbb1.cloudfront.net
d221oziut8gs4d.cloudfront.net
2 KB
2 yimg.com
s.yimg.com
7 KB
1 facebook.net
connect.facebook.net
23 KB
1 swixil.com
www.swixil.com
864 B
1 reddit.com
alb.reddit.com
125 B
1 redditstatic.com
www.redditstatic.com
7 KB
1 crazyegg.com
script.crazyegg.com
1 googleadservices.com
www.googleadservices.com
14 KB
1 taboola.com
cdn.taboola.com
22 KB
1 googleapis.com
fonts.googleapis.com
629 B
1 googleoptimize.com
www.googleoptimize.com
44 KB
1 advg.agency
r.advg.agency
522 B
1 playtator.xyz
playtator.xyz
552 B
1 all-tcod.com
all-tcod.com
649 B
0 Failed
function sub() { [native code] }. Failed
87 31
Domain Requested by
25 cdn01.x-plarium.com plarium.com
cdn01.x-plarium.com
5 mc.yandex.com 2 redirects plarium.com
4 www.google.de plarium.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.google.com plarium.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com plarium.com
www.googletagmanager.com
3 plarium.com all-tcod.com
3 gamesvid.go2cloud.org 2 redirects all-tcod.com
2 collector.plarium.com all-tcod.com
2 analytics.google.com www.googletagmanager.com
2 9360814.fls.doubleclick.net 1 redirects all-tcod.com
2 default.queit.in static.queit.in
2 gum.criteo.com 1 redirects plarium.com
2 mc.yandex.ru 1 redirects all-tcod.com
2 bat.bing.com www.googletagmanager.com
plarium.com
2 tr.outbrain.com amplify.outbrain.com
plarium.com
2 fonts.gstatic.com cdn01.x-plarium.com
2 s.yimg.com plarium.com
s.yimg.com
1 connect.facebook.net www.swixil.com
1 www.swixil.com all-tcod.com
1 adservice.google.com 9360814.fls.doubleclick.net
1 rs.fullstory.com edge.fullstory.com
1 alb.reddit.com plarium.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 mbi-fchk.x-plarium.com cdn01.x-plarium.com
1 d221oziut8gs4d.cloudfront.net d2xerlamkztbb1.cloudfront.net
1 edge.fullstory.com all-tcod.com
1 www.redditstatic.com www.googletagmanager.com
1 script.crazyegg.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 d2xerlamkztbb1.cloudfront.net plarium.com
1 cdn.taboola.com plarium.com
1 amplify.outbrain.com plarium.com
1 static.x-plarium.com plarium.com
1 fonts.googleapis.com cdn01.x-plarium.com
1 static.queit.in plarium.com
1 www.googleoptimize.com plarium.com
1 r.advg.agency 1 redirects
1 playtator.xyz 1 redirects
1 all-tcod.com
0 mhjfbmdgcfjbbpaeojofohoefgiehjai Failed static.queit.in
87 42

This site contains links to these domains. Also see Links.

Domain
plarium-mobile-support.zendesk.com
company.plarium.com
Subject Issuer Validity Valid
*.go2cloud.org
Amazon		 2020-05-20 -
2021-06-20		 a year crt.sh
*.plarium.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-05 -
2022-04-05		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.x-plarium.com
DigiCert SHA2 Secure Server CA		 2020-04-10 -
2022-06-17		 2 years crt.sh
queit.in
Amazon		 2020-06-01 -
2021-07-01		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-24 -
2021-05-12		 2 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2020-03-09 -
2021-06-08		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-06-09 -
2021-06-09		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-08 -
2021-07-06		 6 months crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
edge.fullstory.com
GTS CA 1D2		 2021-02-23 -
2021-05-24		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-08 -
2021-07-06		 6 months crt.sh
*.fullstory.com
R3		 2021-01-28 -
2021-04-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
swixil.com
R3		 2021-02-17 -
2021-05-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Frame ID: C2CC0A9C3DA8B80EBB20FD7AAC32C671
Requests: 82 HTTP requests in this frame

Frame: https://9360814.fls.doubleclick.net/activityi;dc_pre=CI7aht-bzO8CFUllFQgdL5kMwg;src=9360814;type=reg;cat=match0;match_id=353524479.1616701857;u2=353524479.1616701857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=1867281740691.9417
Frame ID: 9A4404CEE640969FD610827DA4FCD049
Requests: 2 HTTP requests in this frame

Frame: https://www.swixil.com/?affid=0&oid=null
Frame ID: 8FD2F88B53408FF2F5D02803F890E86D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://all-tcod.com/clicks/MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExM... Page URL
  2. http://playtator.xyz/click/?id=7121&subid_1=19148_212084_7_5_s33&subid_2=24744&subid_3=12349&subi... HTTP 302
    https://r.advg.agency/t/cjeyh/?pid=2103&sub2=13824217391616701854&sub3=12349&sub4=212084&sub5=385_... HTTP 302
    https://gamesvid.go2cloud.org/aff_c?offer_id=3118&aff_id=2168&url_id=8332&aff_sub=4554_12349&aff_sub2=60a8... HTTP 302
    https://gamesvid.go2cloud.org/aff_r?offer_id=3118&aff_id=2168&url=https%3A%2F%2Fplarium.com%2Flandings%2Fe... Page URL
  3. https://gamesvid.go2cloud.org/aff_r?offer_id=3118&aff_id=2168&redirect_pass=1&url=https%3A%2F%2Fplarium.co... HTTP 302
    https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&p... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

87
Requests

98 %
HTTPS

54 %
IPv6

31
Domains

42
Subdomains

38
IPs

8
Countries

1658 kB
Transfer

4711 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://all-tcod.com/clicks/MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExMmI0MGM3NzY1MzdlZmU3NDI5MDc0XjIyLjMuMjUuMjAyMQ== Page URL
  2. http://playtator.xyz/click/?id=7121&subid_1=19148_212084_7_5_s33&subid_2=24744&subid_3=12349&subid_4=212084 HTTP 302
    https://r.advg.agency/t/cjeyh/?pid=2103&sub2=13824217391616701854&sub3=12349&sub4=212084&sub5=385_12349&sub1=1482 HTTP 302
    https://gamesvid.go2cloud.org/aff_c?offer_id=3118&aff_id=2168&url_id=8332&aff_sub=4554_12349&aff_sub2=60a85962-ef0c-4404-a822-06d759ed0f00&sub1=1482&sub2=13824217391616701854&sub5=385_12349&sub4=212084 HTTP 302
    https://gamesvid.go2cloud.org/aff_r?offer_id=3118&aff_id=2168&url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&urlauth=500560043525416667714038091770 Page URL
  3. https://gamesvid.go2cloud.org/aff_r?offer_id=3118&aff_id=2168&redirect_pass=1&url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&urlauth=500560043525416667714038091770 HTTP 302
    https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://playtator.xyz/click/?id=7121&subid_1=19148_212084_7_5_s33&subid_2=24744&subid_3=12349&subid_4=212084 HTTP 302
  • https://r.advg.agency/t/cjeyh/?pid=2103&sub2=13824217391616701854&sub3=12349&sub4=212084&sub5=385_12349&sub1=1482 HTTP 302
  • https://gamesvid.go2cloud.org/aff_c?offer_id=3118&aff_id=2168&url_id=8332&aff_sub=4554_12349&aff_sub2=60a85962-ef0c-4404-a822-06d759ed0f00&sub1=1482&sub2=13824217391616701854&sub5=385_12349&sub4=212084 HTTP 302
  • https://gamesvid.go2cloud.org/aff_r?offer_id=3118&aff_id=2168&url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&urlauth=500560043525416667714038091770
Request Chain 51
  • https://gum.criteo.com/sync?a=1&r=2&c=421&j=handleCriteoCookie HTTP 302
  • https://gum.criteo.com/sync?s=1&a=1&r=2&c=421&j=handleCriteoCookie
Request Chain 61
  • https://9360814.fls.doubleclick.net/activityi;src=9360814;type=reg;cat=match0;match_id=353524479.1616701857;u2=353524479.1616701857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=1867281740691.9417 HTTP 302
  • https://9360814.fls.doubleclick.net/activityi;dc_pre=CI7aht-bzO8CFUllFQgdL5kMwg;src=9360814;type=reg;cat=match0;match_id=353524479.1616701857;u2=353524479.1616701857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=1867281740691.9417
Request Chain 67
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9223.w_5zK6wk1j5vTqPvRKB0QUo5UulZRML0rvMpdjcYTrNLeeSfSvmkwOm03YrV8kDU.J9G4eewcP8gaT4G1iBvyr2siBlc%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9223.JHMn2h02qGVdTLufUfvUULa62bETjiYmE6hzkXh9wn18gmLRxjLipSu3p_Bc5ihTmTjdlRupm46J5hD4rvtZ-g%2C%2C.EXn8hZTHpeQ7uS4tkn1eWcn70Uw%2C
Request Chain 78
  • https://mc.yandex.com/watch/22851190?wmode=7&page-url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&page-ref=https%3A%2F%2Fgamesvid.go2cloud.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afp%3A540%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A0%3Als%3A1062013778377%3Ahid%3A578768799%3Az%3A60%3Ai%3A20210325205057%3Aet%3A1616701857%3Ac%3A1%3Arn%3A637710941%3Au%3A1616701857231317652%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616701855545%3Ads%3A0%2C87%2C206%2C114%2C56%2C0%2C%2C260%2C0%2C%2C%2C%2C614%3Adsn%3A1%2C86%2C205%2C115%2C56%2C0%2C%2C148%2C0%2C%2C%2C%2C614%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616701857%3At%3ARAID%3A%20Shadow%20Legends HTTP 302
  • https://mc.yandex.com/watch/22851190/1?wmode=7&page-url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&page-ref=https%3A%2F%2Fgamesvid.go2cloud.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afp%3A540%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A0%3Als%3A1062013778377%3Ahid%3A578768799%3Az%3A60%3Ai%3A20210325205057%3Aet%3A1616701857%3Ac%3A1%3Arn%3A637710941%3Au%3A1616701857231317652%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616701855545%3Ads%3A0%2C87%2C206%2C114%2C56%2C0%2C%2C260%2C0%2C%2C%2C%2C614%3Adsn%3A1%2C86%2C205%2C115%2C56%2C0%2C%2C148%2C0%2C%2C%2C%2C614%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616701857%3At%3ARAID%3A%20Shadow%20Legends

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExMmI0MGM3NzY1MzdlZmU3NDI5MDc0XjIyLjMuMjUuMjAyMQ==
all-tcod.com/clicks/ 		196 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
http://all-tcod.com/clicks/MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExMmI0MGM3NzY1MzdlZmU3NDI5MDc0XjIyLjMuMjUuMjAyMQ==
Protocol
HTTP/1.1
Server
193.200.64.20 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
etarg.network
Software
nginx /
Resource Hash
02de8430e4681d2806a72609bcbaaab22835c3c78edc00351c8e831991c6706c

Request headers

Host
all-tcod.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Thu, 25 Mar 2021 19:50:54 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
P3P
CP="NON DSP COR CURa TIA"
Set-Cookie
uuid=16167014541382421243; expires=Sat, 25-Mar-2023 19:50:54 GMT; Max-Age=63072000; path=/; samesite=None; domain=.all-tcod.com; secure
Vary
Accept-Encoding
Content-Encoding
gzip
aff_r
gamesvid.go2cloud.org/
Redirect Chain
  • http://playtator.xyz/click/?id=7121&subid_1=19148_212084_7_5_s33&subid_2=24744&subid_3=12349&subid_4=212084
  • https://r.advg.agency/t/cjeyh/?pid=2103&sub2=13824217391616701854&sub3=12349&sub4=212084&sub5=385_12349&sub1=1482
  • https://gamesvid.go2cloud.org/aff_c?offer_id=3118&aff_id=2168&url_id=8332&aff_sub=4554_12349&aff_sub2=60a85962-ef0c-4404-a822-06d759ed0f00&sub1=1482&sub2=13824217391616701854&sub5=385_12349&sub4=21...
  • https://gamesvid.go2cloud.org/aff_r?offer_id=3118&aff_id=2168&url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherI...
362 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gamesvid.go2cloud.org/aff_r?offer_id=3118&aff_id=2168&url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&urlauth=500560043525416667714038091770
Requested by
Host: all-tcod.com
URL: http://all-tcod.com/clicks/MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExMmI0MGM3NzY1MzdlZmU3NDI5MDc0XjIyLjMuMjUuMjAyMQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.2.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-2-133.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
gamesvid.go2cloud.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://all-tcod.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
aff_ran_url_3118=8332; enc_aff_session_3118=ENC03ac319544a8e573d413a29367c79c583446eb8e2b2a3416cf356dad615cfbb5188144fa1f239ee4a9533c2b3e76904d0c097fd68314061d2c6ec6863c18c6d24aca91e246a55afb16fff95a2ac1f5931b9acff644be9b14fd531033e31d2c7aaf4c111a80b8c9bcc063beb15183dec9fd913e0e370453aec3e0342544e3e941e661f975dbf2c2e9792a746c8dbcba9ec047fbb1861cb6d804094f9748940ff8443eb8e7e585f2b90e0fdfc5cf9631994b52c4c6ed9d430e09a7b5e005c0630347154f4c85; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4OS4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://all-tcod.com/clicks/MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExMmI0MGM3NzY1MzdlZmU3NDI5MDc0XjIyLjMuMjUuMjAyMQ==

Response headers

Server
nginx
Date
Thu, 25 Mar 2021 19:50:55 GMT
Content-Type
text/html
Content-Length
362
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Access-Control-Allow-Origin
*
X-Request-Id
fe9a74ae41766eed54c579d1335ba3f4
Access-Control-Allow-Headers
Tune-SDK-Version

Redirect headers

Server
nginx
Date
Thu, 25 Mar 2021 19:50:55 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
472
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
/aff_r?offer_id=3118&aff_id=2168&url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&urlauth=500560043525416667714038091770
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Set-Cookie
aff_ran_url_3118=8332; expires=Fri, 26 Mar 2021 19:50:55 GMT; path=/; SameSite=None; Secure enc_aff_session_3118=ENC03ac319544a8e573d413a29367c79c583446eb8e2b2a3416cf356dad615cfbb5188144fa1f239ee4a9533c2b3e76904d0c097fd68314061d2c6ec6863c18c6d24aca91e246a55afb16fff95a2ac1f5931b9acff644be9b14fd531033e31d2c7aaf4c111a80b8c9bcc063beb15183dec9fd913e0e370453aec3e0342544e3e941e661f975dbf2c2e9792a746c8dbcba9ec047fbb1861cb6d804094f9748940ff8443eb8e7e585f2b90e0fdfc5cf9631994b52c4c6ed9d430e09a7b5e005c0630347154f4c85; expires=Sun, 25 Apr 2021 19:50:55 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4OS4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sun, 18 Feb 2024 06:30:55 GMT; path=/; SameSite=None; Secure
Tracking_id
102bb698b5268cfed3bcc81e1e4c06
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Origin
*
X-Request-Id
809789103a458dda3231f155d15d5dcd
Access-Control-Allow-Headers
Tune-SDK-Version
Primary Request pc_galek_f036_fdb_droapp
plarium.com/landings/en/desktop/raid/
Redirect Chain
  • https://gamesvid.go2cloud.org/aff_r?offer_id=3118&aff_id=2168&redirect_pass=1&url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgames...
  • https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
104 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.21.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET ARR/3.0 ASP.NET
Resource Hash
23423de3cf3c91388b7eea04ab398d2d65be1bd4b9e03d486198c98e18862cf1

Request headers

:method
GET
:authority
plarium.com
:scheme
https
:path
/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://gamesvid.go2cloud.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gamesvid.go2cloud.org/aff_r?offer_id=3118&aff_id=2168&url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&urlauth=500560043525416667714038091770

Response headers

date
Thu, 25 Mar 2021 19:50:55 GMT
content-type
text/html
set-cookie
__cfduid=d097d73fff34c80e41a3c4f0fd0858f2b1616701855; expires=Sat, 24-Apr-21 19:50:55 GMT; path=/; domain=.plarium.com; HttpOnly; SameSite=Lax flp=https%3a%2f%2fplarium.com%2flandings%2fen%2fdesktop%2fraid%2fpc_galek_f036_fdb_droapp%3fplid%3d339100%26pxl%3dgamesvid%26publisherID%3d2168_4554_12349%26transaction_id%3d102bb698b5268cfed3bcc81e1e4c06; expires=Sat, 01-Mar-2121 19:50:55 GMT; path=/ gu={"q":"%3fplid%3d339100%26pxl%3dgamesvid%26publisherID%3d2168_4554_12349%26transaction_id%3d102bb698b5268cfed3bcc81e1e4c06","lp":"https%3a%2f%2fplarium.com%2flandings%2fen%2fdesktop%2fraid%2fpc_galek_f036_fdb_droapp%253fplid%253d339100%2526pxl%253dgamesvid%2526publisherID%253d2168_4554_12349%2526transaction_id%253d102bb698b5268cfed3bcc81e1e4c06","rt":"Landing","r":"https%3a%2f%2fgamesvid.go2cloud.org%2f","t":1616702755,"i":0}; expires=Sat, 27-Mar-2021 19:50:55 GMT; path=/ a_uid=0e24e4b7-7efc-4a9d-816e-8ae1b0fa998c; expires=Mon, 24-May-2021 19:50:55 GMT; path=/ l_ref=https%3a%2f%2fgamesvid.go2cloud.org%2f; expires=Fri, 26-Mar-2021 19:50:55 GMT; path=/
cache-control
private
vary
Accept-Encoding
x-stackifyid
V2|034e56aa-df0f-4139-94a2-2ddcf6d62a28|C79315|CD1 V2|76b52465-f8de-4cbd-8a67-b7c184500909|C79315|CD1
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET ARR/3.0 ASP.NET
cf-cache-status
DYNAMIC
cf-request-id
090c89afdb0000737b6200f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
635aabc62e9d737b-CPH
content-encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 25 Mar 2021 19:50:55 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
364
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Pragma
no-cache
Access-Control-Allow-Origin
*
X-Request-Id
4f4b35f7b0bd0caed36806104b9055a5
Access-Control-Allow-Headers
Tune-SDK-Version
optimize.js
www.googleoptimize.com/ 		205 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-WGBHHZV
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da2b641a59235b81ce661d40aeebd7a2caf393b51dc0c533c37aafb54128de20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:55 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45218
x-xss-protection
0
expires
Thu, 25 Mar 2021 19:50:55 GMT
ad_raid_en_with_callback.js
cdn01.x-plarium.com/browser/content/portalclientpixels/src/Static-desktop/en/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/content/portalclientpixels/src/Static-desktop/en/js/ad_raid_en_with_callback.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA1) /
Resource Hash
3cb264f59a18856874af245e27ada9ef0b565848ee9ed4759a4fbf2697267058

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:55 GMT
content-encoding
gzip
last-modified
Thu, 25 Mar 2021 14:05:26 GMT
server
ECS (amb/6BA1)
age
20676
etag
"942873894+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1451
expires
Thu, 01 Apr 2021 19:50:55 GMT
styles.css
cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/ 		988 KB
128 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/styles.css
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B73) /
Resource Hash
f3d71f12ade0a5e0290aae41b424b97c79f0e193da7029d1b2ae1f728d76a1ab

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:55 GMT
content-encoding
gzip
last-modified
Mon, 22 Mar 2021 16:25:55 GMT
server
ECS (amb/6B73)
age
271027
etag
"2763451514+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
130708
expires
Thu, 01 Apr 2021 19:50:55 GMT
icon.png
cdn01.x-plarium.com/browser/content/landings/forms/036/ 		818 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/forms/036/icon.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B81) /
Resource Hash
7fbd7ac8fe69e96115bff9e25672a00aa7561968e3458e66c37dccad5127e66b

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Tue, 01 Oct 2019 13:59:36 GMT
server
ECS (amb/6B81)
age
185684
etag
"1460361289"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
818
expires
Thu, 01 Apr 2021 19:50:56 GMT
skills_7_hover.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/skills_7_hover.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7A) /
Resource Hash
2a71b5676ebaa2681e32cd7776f960bde6d7528e41693954c1bc9f7d8d91d264

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Mon, 23 Sep 2019 16:18:51 GMT
server
ECS (amb/6B7A)
age
499873
etag
"2314894799"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
9616
expires
Thu, 01 Apr 2021 19:50:56 GMT
skills_6_hover.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/skills_6_hover.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8D) /
Resource Hash
bee17407c18c2ceaa62783662fa0cfc1da282649a8af03841383a1e61117920f

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Mon, 23 Sep 2019 16:18:51 GMT
server
ECS (amb/6B8D)
age
61072
etag
"1765440643"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
9372
expires
Thu, 01 Apr 2021 19:50:56 GMT
icon_3.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/icon_3.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA4) /
Resource Hash
cc0e4e5c50c06f4ab31d1e1f65f52179ed0d2b4c8dd91fe7c2da3e2b0bb31949

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Mon, 30 Sep 2019 15:02:46 GMT
server
ECS (amb/6BA4)
age
189802
etag
"2897938529"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
5376
expires
Thu, 01 Apr 2021 19:50:56 GMT
skills_5_hover.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/skills_5_hover.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB0) /
Resource Hash
025c13d9d14d3d0443869db56f42a2182993d629bcc46c048b14a74443875915

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Mon, 23 Sep 2019 16:18:51 GMT
server
ECS (amb/6BB0)
age
112440
etag
"1834281221"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
10706
expires
Thu, 01 Apr 2021 19:50:56 GMT
icon_1.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/icon_1.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8D) /
Resource Hash
520f030bf33670e1a6a89f2cf743b8ec9c631a5c01ca59a5c754486a00d78e23

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Tue, 03 Sep 2019 14:33:32 GMT
server
ECS (amb/6B8D)
age
259804
etag
"1132049500"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1006
expires
Thu, 01 Apr 2021 19:50:56 GMT
icon_2.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/icon_2.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B82) /
Resource Hash
d0da6fd0c9889a9432bc8ea6244785aaca7fd543e01e56b76c254e6efb5f6988

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Tue, 03 Sep 2019 14:33:32 GMT
server
ECS (amb/6B82)
age
166642
etag
"2274997456"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1260
expires
Thu, 01 Apr 2021 19:50:56 GMT
skills_4_hover.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/skills_4_hover.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB5) /
Resource Hash
2bfd8ec6cf87da9827bbad240b961ef656a5e0f7c6044fa93431fd79868a8160

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Tue, 03 Sep 2019 14:33:32 GMT
server
ECS (amb/6BB5)
age
98987
etag
"3277434394"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2934
expires
Thu, 01 Apr 2021 19:50:56 GMT
gtm.js
www.googletagmanager.com/ 		215 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dd87192dbef4462b09b63c1e70ef7242cc4f90c8a06f6b6dbd6d77a6831a9ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62504
x-xss-protection
0
last-modified
Thu, 25 Mar 2021 19:06:26 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Mar 2021 19:50:56 GMT
sdk.js
static.queit.in/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.queit.in/sdk.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a000:1c:19e4:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ecstatic-3.2.1 /
Resource Hash
06748e97c8e3146494596e2cd6a85b7472e280a4a030135171b09878c0bc3a40

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 18:56:22 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
last-modified
Sun, 26 Aug 2018 06:15:13 GMT
server
ecstatic-3.2.1
age
3274
etag
W/"18352616-86801-2018-08-26T06:15:13.000Z"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
content-length
86801
x-amz-cf-id
VrbQ-9rg3HGMDzuVnZNuCAs6C3evXilLbQ1M4ZABKKwRT4I6ao9Zxw==
css2
fonts.googleapis.com/ 		2 KB
629 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@700&display=swap
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9d92dd8d88ba717b48727e906af9b299672a5d3714ed8209e2fbada39b7f94c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn01.x-plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Mar 2021 19:29:09 GMT
server
ESF
date
Thu, 25 Mar 2021 19:50:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Mar 2021 19:50:56 GMT
client.js
cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/ 		2 MB
467 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/client.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9B) /
Resource Hash
758a6ac807496fb776583c726ab9572e0965c3231218fdfbde0456806aca2a3a

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
content-encoding
gzip
last-modified
Mon, 22 Mar 2021 16:25:54 GMT
server
ECS (amb/6B9B)
age
271027
etag
"354761624+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
477507
expires
Thu, 01 Apr 2021 19:50:56 GMT
app.js
static.x-plarium.com/browser/canvas/landings.pp.analytics/v5/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.x-plarium.com/browser/canvas/landings.pp.analytics/v5/app.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3392d6f19e5f0fa6ea9414995679e168c4b4fdebb25d9d6b5a103b557a6319e3

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
8530275
content-length
2347
cf-request-id
090c89b15e00004e74f014e000000001
last-modified
Thu, 10 Jan 2019 09:14:42 GMT
server
cloudflare
etag
"64b8e4ebc4a8d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=530770144
accept-ranges
bytes
cf-ray
635aabc89a934e74-FRA
expires
Tue, 19 Jan 2038 00:00:00 GMT
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 25 Mar 2021 19:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2210
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5581
x-amz-id-2
jkiVtJKCvd95dcPrceA29t5jXHc9niH6O6DQZ4R0RY/1FRvMDJqOlLYqfuI59CO2MgHaFa5F4AE=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 24 Sep 2020 23:08:16 GMT
server
ATS
etag
"49db10c8315384e8dad2e92a6841ed81-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
CGDGNZRV508FNZ1G
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges
bytes
content-type
application/javascript
obtp.js
amplify.outbrain.com/cp/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.25.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 19:50:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Mar 2021 12:03:44 GMT
Server
AkamaiNetStorage
ETag
"c43e7f1b0459d05cce32768dd16af59b:1616414624.063318"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2864
Expires
Thu, 25 Mar 2021 20:10:56 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-703125246
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b7b6617091e32857bef93d8f59c76fba9791ce3f6a53e05012421961f3d6a0b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39050
x-xss-protection
0
last-modified
Thu, 25 Mar 2021 19:06:26 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Mar 2021 19:50:56 GMT
Galek.jpg
cdn01.x-plarium.com/browser/content/landings/backgrounds/galek/ 		311 KB
311 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/backgrounds/galek/Galek.jpg
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8F) /
Resource Hash
b96a77bc3747296f26a94c77800cca3722c7e28a53bd3c1538c618a49592299a

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Thu, 16 Jan 2020 09:35:19 GMT
server
ECS (amb/6B8F)
age
25570
etag
"49049152"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
318667
expires
Thu, 01 Apr 2021 19:50:56 GMT
logo_v4.png
cdn01.x-plarium.com/browser/content/landings/logo/Raid/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/logo/Raid/logo_v4.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B92) /
Resource Hash
0b6fb94a28ceef01c4b4ac283f2a973185451d20b3862af8c0e277ce418e7878

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Mon, 16 Dec 2019 08:17:11 GMT
server
ECS (amb/6B92)
age
536918
etag
"1124726608"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
8913
expires
Thu, 01 Apr 2021 19:50:56 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1153814/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1153814/tfa.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
379463ffa2ef612c5cf0e2f501a38a28495259bb7fa50c4c86d814b896b30c39

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ICaf.Pky_0WKLfFjm3BmsV_Q2bjKScKD
content-encoding
gzip
etag
"528987e0577ca50922a488c18eca112b"
age
25
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
22004
x-amz-id-2
JfLvyHcN1ZCnBzinlSzqew7l8Fx5toVwafRx/JJ3gxMZvkT90HPM1mOsfC9jm/npcLD5SLkhIpk=
x-served-by
cache-fra19136-FRA
last-modified
Tue, 09 Mar 2021 16:31:41 GMT
server
AmazonS3
x-timer
S1616701856.156020,VS0,VE1
date
Thu, 25 Mar 2021 19:50:56 GMT
vary
Accept-Encoding
x-amz-request-id
ZF7KSQZ6M1B2JB8K
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
75
x-cache-hits
1
widget.js
d2xerlamkztbb1.cloudfront.net/19762526-d305/5/ 		736 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2xerlamkztbb1.cloudfront.net/19762526-d305/5/widget.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-44.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e17ea36fde3d1266c5cd89dce07f73a7f9572d0776cae569c3d9110781964fbf

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 13:55:49 GMT
Via
1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Sun, 08 Oct 2017 14:53:27 GMT
Server
AmazonS3
Age
4514108
ETag
"c1d3d56f621632ee73f370faa2a79f44"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=29030400, public
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
736
X-Amz-Cf-Id
bY0C5NAamOPUloaA_kh15idQeF9ujedWDXulreL6rVWmO0b7OcW2zQ==
btn_yellow.png
cdn01.x-plarium.com/browser/content/landings/forms/036/036_big/btn_dwnld/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/forms/036/036_big/btn_dwnld/btn_yellow.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7A) /
Resource Hash
bd54c95d0797eddf14e5ec3f18daef0e6bf76ab90d2cf25594e0761306acd9f7

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Fri, 31 Jan 2020 11:45:43 GMT
server
ECS (amb/6B7A)
age
16300
etag
"435689365"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
6725
expires
Thu, 01 Apr 2021 19:50:56 GMT
btn_yellow_hover.png
cdn01.x-plarium.com/browser/content/landings/forms/036/036_big/btn_dwnld/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/forms/036/036_big/btn_dwnld/btn_yellow_hover.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B98) /
Resource Hash
c3772aafbbc08bae67e3fc3dd13eda925924ba96e3b2700114e420ad3aa8aa35

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Fri, 31 Jan 2020 11:45:43 GMT
server
ECS (amb/6B98)
age
16300
etag
"1964512345"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
6840
expires
Thu, 01 Apr 2021 19:50:56 GMT
001.png
cdn01.x-plarium.com/browser/content/landings/icons/awards/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/icons/awards/001.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B97) /
Resource Hash
6da28aa32ea4ebcaea6a44b773ad62e29e16c288e524ab1be3eba34d6f583303

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Thu, 23 Jan 2020 12:38:38 GMT
server
ECS (amb/6B97)
age
551208
etag
"131625993"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
9111
expires
Thu, 01 Apr 2021 19:50:56 GMT
top_line.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		83 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/top_line.png
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B73) /
Resource Hash
4da0a71762ba4d75408c2e9409a18301e814b9d9f72a11b15ca838a58e6d46bd

Request headers

Referer
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Mon, 23 Sep 2019 16:18:51 GMT
server
ECS (amb/6B73)
age
102573
etag
"3181730126"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
83
expires
Thu, 01 Apr 2021 19:50:56 GMT
top_txt_stars.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/top_txt_stars.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA0) /
Resource Hash
a1ade86d43a998ae93232045ebd3f15251ac0671fb26d99064a9c43d414ad0b8

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Mon, 23 Sep 2019 16:18:51 GMT
server
ECS (amb/6BA0)
age
554650
etag
"1822039501"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
5602
expires
Thu, 01 Apr 2021 19:50:56 GMT
bg_orange_2.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/bg_orange_2.png
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B92) /
Resource Hash
45742e7b55865692642ec7a11796dcf72f8bdc3b0e9810f85f4049ffdf86b122

Request headers

Referer
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Fri, 04 Oct 2019 09:02:43 GMT
server
ECS (amb/6B92)
age
536941
etag
"1239101901"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2246
expires
Thu, 01 Apr 2021 19:50:56 GMT
skills_7.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/skills_7.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B77) /
Resource Hash
d4bfee2f651e678bae63066e3cef15c39075e007a4c19f71ad43b56c763dc98c

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Mon, 23 Sep 2019 16:18:51 GMT
server
ECS (amb/6B77)
age
75273
etag
"2570720651"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
4737
expires
Thu, 01 Apr 2021 19:50:56 GMT
skills_6.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/skills_6.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA5) /
Resource Hash
b5eb9354ba2ccb86522166107fcc447da54773aff6274da7f94fe7dabde10258

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Mon, 23 Sep 2019 16:18:51 GMT
server
ECS (amb/6BA5)
age
75273
etag
"4250539599"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
4811
expires
Thu, 01 Apr 2021 19:50:56 GMT
skills_5.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/skills_5.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC3) /
Resource Hash
343335c2c9963287990e3d32aff66480f4cd75a45c85c81219d787642a2dc2f5

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Mon, 23 Sep 2019 16:18:51 GMT
server
ECS (amb/6BC3)
age
109134
etag
"2025461279"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
4993
expires
Thu, 01 Apr 2021 19:50:56 GMT
skills_4.png
cdn01.x-plarium.com/browser/content/landings/skills/raid_001/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/skills/raid_001/skills_4.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8F) /
Resource Hash
bbc2abc262fbe8461186674e24c7e60271162a8611f2763c1d2c7d8b8d31e319

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
last-modified
Tue, 03 Sep 2019 14:33:32 GMT
server
ECS (amb/6B8F)
age
259847
etag
"3812205592"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
3126
expires
Thu, 01 Apr 2021 19:50:56 GMT
Oswald300.woff
cdn01.x-plarium.com/browser/content/landings/fonts/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/content/landings/fonts/Oswald300.woff
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA8) /
Resource Hash
342a8924d89f14df04a7283f215f6d83a3c33be908925ef31ebfb80d112dcbaa

Request headers

Origin
https://plarium.com
Referer
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 16:04:40 GMT
server
ECS (amb/6BA8)
age
529211
etag
"2162740569+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
content-length
50719
expires
Thu, 01 Apr 2021 19:50:56 GMT
Oswald200.woff
cdn01.x-plarium.com/browser/content/landings/fonts/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/content/landings/fonts/Oswald200.woff
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB7) /
Resource Hash
d4c3bec3d45b09408c534359aa425204d9f20f3c1ec26e966502f5aa6b36a61a

Request headers

Origin
https://plarium.com
Referer
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 16:04:40 GMT
server
ECS (amb/6BB7)
age
498721
etag
"3035153947+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
content-length
51209
expires
Thu, 01 Apr 2021 19:50:56 GMT
dg4n_pLmvrkcOkBFnc5XiJwo.woff2
fonts.gstatic.com/s/cuprum/v11/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cuprum/v11/dg4n_pLmvrkcOkBFnc5XiJwo.woff2
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5f2d982c3c018dc09344cb8128f14155faec6e3e847724147879af2a60b1667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://plarium.com
Referer
https://cdn01.x-plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Mar 2021 16:31:08 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Jul 2019 00:04:22 GMT
server
sffe
age
184788
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15244
x-xss-protection
0
expires
Wed, 23 Mar 2022 16:31:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://plarium.com
Referer
https://cdn01.x-plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 01:51:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
496741
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Sun, 20 Mar 2022 01:51:55 GMT
10094756.json
s.yimg.com/wi/config/ 		2 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10094756.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 18:58:21 GMT
x-content-type-options
nosniff
age
3155
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
0QG4MNQ7ERT56A5E
x-amz-id-2
rkWM3wRvPDqOqA6iJcUAS/fXOCn5iC98ofOLlOR4fbLB1GC6Oo5+G9EkXkdasG/PjSD7K7u+4Xg=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
conversion_async.js
www.googleadservices.com/pagead/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-703125246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
bbff0182d1a1f1af97f7a7d94badc0a4df084f50c09a6213f59fa5305dc120d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13738
x-xss-protection
0
server
cafe
etag
10420051169657019655
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 25 Mar 2021 19:50:56 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=004a5b79a05aca3b2af4597936f43726e3
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 19:50:56 GMT
content-encoding
gzip
X-TraceId
dd0cb9373e619c1db9e7b55082289a6d
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=004a5b79a05aca3b2af4597936f43726e3&obApiVersion=1.1&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&optOut=false&bust=038562430602781017
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 19:50:56 GMT
Cache-Control
no-cache
X-TraceId
c27a06d5d63c6eab452d086ed2ad773a
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
js
www.googletagmanager.com/gtag/ 		136 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5FNDF9DMY8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-703125246
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fcaeaa872c35b9edc1f1e9cd13c30bc330d1682e219512d067421c5da6773820
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53626
x-xss-protection
0
expires
Thu, 25 Mar 2021 19:50:56 GMT
1349.js
script.crazyegg.com/pages/scripts/0088/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0088/1349.js?449084
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
cf-cache-status
HIT
last-modified
Thu, 25 Mar 2021 12:36:22 GMT
server
cloudflare
age
26074
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
635aabc9e9d19748-FRA
content-length
0
cf-request-id
090c89b22d0000974808180000000001
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
0
date
Thu, 25 Mar 2021 19:50:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 25 Mar 2021 21:50:56 GMT
bat.js
bat.bing.com/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref
Ref A: BD2AC743EE0246F7A84879A827DFA532 Ref B: FRAEDGE1408 Ref C: 2021-03-25T19:50:56Z
etag
"804e75f6fd11d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8562
pixel.js
www.redditstatic.com/ads/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
3912dcb6faa2dc3f07a0fadbed320e22755d6e0e2d89313d755031d7961f46bc

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Wed, 24 Mar 2021 22:28:42 GMT
server
snooserv
etag
"d038d03b4199833bd24f9260eafa823a"
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-encoding
gzip
content-length
6677
watch.js
mc.yandex.ru/metrika/ 		123 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: all-tcod.com
URL: http://all-tcod.com/clicks/MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExMmI0MGM3NzY1MzdlZmU3NDI5MDc0XjIyLjMuMjUuMjAyMQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ff12958280077b86e5352edd8df6a96630580a06c24b83e0e2f517f64b9d7b2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
content-encoding
br
last-modified
Thu, 25 Mar 2021 11:26:56 GMT
etag
"605b2bf8-ace5"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
44261
expires
Thu, 25 Mar 2021 20:50:56 GMT
fs.js
edge.fullstory.com/s/ 		197 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: all-tcod.com
URL: http://all-tcod.com/clicks/MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExMmI0MGM3NzY1MzdlZmU3NDI5MDc0XjIyLjMuMjUuMjAyMQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
58f3bc16507aab1ae441b3dba7b03e853dda9393485413f22726b57c99a7eec4

Request headers

Origin
https://plarium.com
Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 18:51:08 GMT
content-encoding
gzip
age
3588
x-guploader-uploadid
ABg5-UyQ3owKhAiwgB3zKOV2Muj5BfFkMH23vuWa4JKGV79JOG3JbAFtfrX3dG3J2PANLk4HW703fJU7jXur32B0t2NVYsu7iA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
60571
last-modified
Thu, 11 Mar 2021 14:59:02 GMT
server
UploadServer
etag
"46f9c11cbbbb9c703fd1e6f356a106c9"
x-goog-hash
crc32c=ssMiqg==, md5=RvnBHLu7nHA/0ebzVqEGyQ==
x-goog-generation
1615474742400326
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
60571
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 25 Mar 2021 19:51:08 GMT
widget.js
d221oziut8gs4d.cloudfront.net/ 		0
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d221oziut8gs4d.cloudfront.net/widget.js?id=19762526&secure&8981677
Requested by
Host: d2xerlamkztbb1.cloudfront.net
URL: https://d2xerlamkztbb1.cloudfront.net/19762526-d305/5/widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-21.dus51.r.cloudfront.net
Software
rhino-core-shield /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Mar 2021 19:50:56 GMT
Content-Encoding
gzip
Server
rhino-core-shield
X-Amz-Cf-Pop
DUS51-C1
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=UTF-8
Via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache="set-cookie"
Connection
keep-alive
Content-Length
20
X-Amz-Cf-Id
SjFvyvIOawZFsHfLJqqWNVbnE2Qg1MHtqcxzh4Z0133MVmCu467LSQ==
sync
gum.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sync?a=1&r=2&c=421&j=handleCriteoCookie
  • https://gum.criteo.com/sync?s=1&a=1&r=2&c=421&j=handleCriteoCookie
80 B
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?s=1&a=1&r=2&c=421&j=handleCriteoCookie
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c49de213e6e898e8a66843bbd53d23ead2c20f74d1cb0dd6a4e88131c64cf589
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 25 Mar 2021 19:50:56 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2565
content-length
200
expires
60

Redirect headers

location
/sync?s=1&a=1&r=2&c=421&j=handleCriteoCookie
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2116
date
Thu, 25 Mar 2021 19:50:56 GMT
content-length
177
content-type
text/html; charset=utf-8
/
plarium.com/landings/api/user/data/ 		1 KB
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://plarium.com/landings/api/user/data/?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Requested by
Host: all-tcod.com
URL: http://all-tcod.com/clicks/MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExMmI0MGM3NzY1MzdlZmU3NDI5MDc0XjIyLjMuMjUuMjAyMQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.21.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
261e6f3003ad411a3e74c07ab959e241571672ab06e3873d80daad3c015ce008

Request headers

language_id
1
app_id
27
game_id
0
theme_id
52
sitemap_id
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Content-Type
application/json

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
x-stackifyid
V2|048f3f43-a896-4601-99a8-54dac2229cff|C79315|CD1, V2|e6c1eb5a-1e20-4cf7-bfb4-a79d4089c280|C79315|CD1
cf-ray
635aabcb8a99737b-CPH
cf-request-id
090c89b3340000737bc68b5000000001
/
plarium.com/landings/api/content/ 		4 B
169 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://plarium.com/landings/api/content/?urlPart=%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06
Requested by
Host: all-tcod.com
URL: http://all-tcod.com/clicks/MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExMmI0MGM3NzY1MzdlZmU3NDI5MDc0XjIyLjMuMjUuMjAyMQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.21.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

language_id
1
app_id
27
game_id
0
theme_id
52
sitemap_id
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
content-type
application/json

Response headers

date
Thu, 25 Mar 2021 19:50:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
x-stackifyid
V2|83efb8d5-e856-4e14-b491-9c20023b9d95|C79315|CD1, V2|b781028f-1e2f-414d-853c-224f29ffa797|C79315|CD1
cf-ray
635aabcb9abc737b-CPH
content-length
4
cf-request-id
090c89b3400000737b9882a000000001
index.html
mhjfbmdgcfjbbpaeojofohoefgiehjai/ 		0
0
api
default.queit.in/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://default.queit.in/api
Requested by
Host: static.queit.in
URL: https://static.queit.in/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.72.189.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-189-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://plarium.com
Date
Thu, 25 Mar 2021 19:50:57 GMT
Connection
keep-alive
Vary
Origin
crj
mbi-fchk.x-plarium.com/api/ 		4 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mbi-fchk.x-plarium.com/api/crj?app=27&callback=1&adCampaign=339100&uid=null&usi=un-45bc70e1-7703-4156-b755-480a95c8f598
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/content/portalclientpixels/src/Static-desktop/en/js/ad_raid_en_with_callback.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.182.155.98 , United States, ASN10297 (ENET-2, US),
Reverse DNS
207-182-155-98.xlhdns.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 25 Mar 2021 19:50:57 GMT
x-correlation-id
ba4be2122ce0dee45baf7733ece7e72b
access-control-allow-credentials
true
content-length
4
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json; charset=utf-8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/703125246/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/703125246/?random=1616701856625&cv=9&fst=1616701856625&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&ref=https%3A%2F%2Fgamesvid.go2cloud.org%2F&tiba=RAID%3A%20Shadow%20Legends&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e265bd4533d31e8f266c0439d8e585183949b5a288730fc85a37f8503eb7bb85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1173
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1008233214&t=pageview&_s=1&dl=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&dr=https%3A%2F%2Fgamesvid.go2cloud.org%2F&ul=en-us&de=UTF-8&dt=RAID%3A%20Shadow%20Legends&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=724498847&gjid=1761025023&cid=353524479.1616701857&tid=UA-121176567-5&_gid=1443469968.1616701857&_r=1&gtm=2wg3h05LK4K4N&tc=x&z=95537334
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1008233214&t=pageview&_s=1&dl=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&dr=https%3A%2F%2Fgamesvid.go2cloud.org%2F&ul=en-us&de=UTF-8&dt=RAID%3A%20Shadow%20Legends&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=557074390&gjid=1608507761&cid=353524479.1616701857&tid=UA-121176567-1&_gid=1443469968.1616701857&_r=1&gtm=2wg3h05LK4K4N&tc=x&z=1140812353
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17182030&tm=gtm001&Ver=2&mid=82099042-3adc-4c9f-bf36-e12fd4a7b978&sid=6a3dd1e08da311eb93d439c853343a7a&vid=6a3e25f08da311eb8667c171d4510db8&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=RAID%3A%20Shadow%20Legends&p=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&r=https%3A%2F%2Fgamesvid.go2cloud.org%2F&lt=614&evt=pageLoad&msclkid=N&sv=1&rn=212744
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 25 Mar 2021 19:50:56 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: E1EB81D3BC72488C91FE63B94B100116 Ref B: FRAEDGE1408 Ref C: 2021-03-25T19:50:56Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CI7aht-bzO8CFUllFQgdL5kMwg;src=9360814;type=reg;cat=match0;match_id=353524479.1616701857;u2=353524479.1616701857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1...
9360814.fls.doubleclick.net/ Frame 9A44
Redirect Chain
  • https://9360814.fls.doubleclick.net/activityi;src=9360814;type=reg;cat=match0;match_id=353524479.1616701857;u2=353524479.1616701857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord...
  • https://9360814.fls.doubleclick.net/activityi;dc_pre=CI7aht-bzO8CFUllFQgdL5kMwg;src=9360814;type=reg;cat=match0;match_id=353524479.1616701857;u2=353524479.1616701857;dc_lat=;dc_rdid=;tag_for_child_...
456 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9360814.fls.doubleclick.net/activityi;dc_pre=CI7aht-bzO8CFUllFQgdL5kMwg;src=9360814;type=reg;cat=match0;match_id=353524479.1616701857;u2=353524479.1616701857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=1867281740691.9417?
Requested by
Host: all-tcod.com
URL: http://all-tcod.com/clicks/MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExMmI0MGM3NzY1MzdlZmU3NDI5MDc0XjIyLjMuMjUuMjAyMQ==
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
3b84732a5ad3295cb16c1da3acda3280f75e633eb53b78b66c6bb1a3e4a7be4c
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9360814.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CI7aht-bzO8CFUllFQgdL5kMwg;src=9360814;type=reg;cat=match0;match_id=353524479.1616701857;u2=353524479.1616701857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=1867281740691.9417?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://plarium.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://plarium.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 25 Mar 2021 19:50:56 GMT
expires
Thu, 25 Mar 2021 19:50:56 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
355
x-xss-protection
0
set-cookie
IDE=AHWqTUkY-Y5Y-RPDPD4c7wONvRqPTY136a5TDOhbTGnu-mPVOpxzJxxHI7F0zEOg; expires=Tue, 19-Apr-2022 19:50:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 25 Mar 2021 19:50:56 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9360814.fls.doubleclick.net/activityi;dc_pre=CI7aht-bzO8CFUllFQgdL5kMwg;src=9360814;type=reg;cat=match0;match_id=353524479.1616701857;u2=353524479.1616701857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=1867281740691.9417?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rp.gif
alb.reddit.com/ 		42 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1616701856927&id=t2_1ac96naq&event=PageVisit&uuid=df84ba86-7720-4588-a607-4cea9d7fa039&aaid=&em=&idfa=&opt_out=0&sh=1600&sw=1200&s=O7zFPcYX%2FzYA8YVpCfxhhn4aNkX61ecNXy3h6vtoOT4%3D
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:57 GMT
via
1.1 varnish
server
Varnish
accept-ranges
bytes
content-length
42
retry-after
0
content-type
image/gif
page
rs.fullstory.com/rec/ 		48 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
502bf01da1c6054275c1d5f8da09dfd758eccd391e5d70dfa4605a6607396734
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Mar 2021 19:50:57 GMT
via
1.1 google
x-content-type-options
nosniff
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://plarium.com
access-control-allow-credentials
true
alt-svc
clear
content-length
48
collect
analytics.google.com/g/ 		0
147 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-5FNDF9DMY8&gtm=2oe3h0&_p=1008233214&sr=1600x1200&_gaz=1&ul=en-us&cid=353524479.1616701857&_s=1&dl=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&dr=https%3A%2F%2Fgamesvid.go2cloud.org%2F&dt=RAID%3A%20Shadow%20Legends&sid=1616701856&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5FNDF9DMY8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
71 B 		Other
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5FNDF9DMY8&cid=353524479.1616701857&gtm=2oe3h0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5FNDF9DMY8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5FNDF9DMY8&cid=353524479.1616701857&gtm=2oe3h0&aip=1&z=219305666
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9223.w_5zK6wk1j5vTqPvRKB0QUo5UulZRML0rvMpdjcYTrNLeeSfSvmkwOm03YrV8kDU.J9G4eewcP8gaT4G1iBvyr2siBlc%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9223.JHMn2h02qGVdTLufUfvUULa62bETjiYmE6hzkXh9wn18gmLRxjLipSu3p_Bc5ihTmTjdlRupm46J5hD4rvtZ-g%2C%2C.EXn8hZTHpeQ7uS4tkn1eWcn70Uw%2C
57 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9223.JHMn2h02qGVdTLufUfvUULa62bETjiYmE6hzkXh9wn18gmLRxjLipSu3p_Bc5ihTmTjdlRupm46J5hD4rvtZ-g%2C%2C.EXn8hZTHpeQ7uS4tkn1eWcn70Uw%2C
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
0b5d25d725de817533ea2383733d50bf153071af3405b993cba4f71ff7741017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:57 GMT
strict-transport-security
max-age=31536000
content-length
57
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9223.JHMn2h02qGVdTLufUfvUULa62bETjiYmE6hzkXh9wn18gmLRxjLipSu3p_Bc5ihTmTjdlRupm46J5hD4rvtZ-g%2C%2C.EXn8hZTHpeQ7uS4tkn1eWcn70Uw%2C
date
Thu, 25 Mar 2021 19:50:57 GMT
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/j/ 		4 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-121176567-1&cid=353524479.1616701857&jid=557074390&gjid=1608507761&_gid=1443469968.1616701857&_u=YEDAAAABAAAAAC~&z=290192863
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 25 Mar 2021 19:50:57 GMT
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
api
default.queit.in/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://default.queit.in/api
Requested by
Host: static.queit.in
URL: https://static.queit.in/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.72.189.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-189-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://plarium.com
Date
Thu, 25 Mar 2021 19:50:57 GMT
Connection
keep-alive
Vary
Origin
advert.gif
mc.yandex.com/metrika/ 		43 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 19:50:57 GMT
last-modified
Wed, 24 Mar 2021 12:38:31 GMT
etag
"605b2bf8-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 25 Mar 2021 20:50:57 GMT
ga-audiences
www.google.com/ads/ 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-121176567-1&cid=353524479.1616701857&jid=557074390&_u=YEDAAAABAAAAAC~&z=1860472384
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-121176567-1&cid=353524479.1616701857&jid=557074390&_u=YEDAAAABAAAAAC~&z=1860472384
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/703125246/ 		42 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/703125246/?random=1616701856625&cv=9&fst=1616698800000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&ref=https%3A%2F%2Fgamesvid.go2cloud.org%2F&tiba=RAID%3A%20Shadow%20Legends&async=1&fmt=3&is_vtc=1&random=150012077&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/703125246/ 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/703125246/?random=1616701856625&cv=9&fst=1616698800000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&ref=https%3A%2F%2Fgamesvid.go2cloud.org%2F&tiba=RAID%3A%20Shadow%20Legends&async=1&fmt=3&is_vtc=1&random=150012077&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: plarium.com
URL: https://plarium.com/landings/en/desktop/raid/pc_galek_f036_fdb_droapp?plid=339100&pxl=gamesvid&publisherID=2168_4554_12349&transaction_id=102bb698b5268cfed3bcc81e1e4c06
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
collector.plarium.com/api/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://collector.plarium.com/api/event
Requested by
Host: all-tcod.com
URL: http://all-tcod.com/clicks/MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExMmI0MGM3NzY1MzdlZmU3NDI5MDc0XjIyLjMuMjUuMjAyMQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.21.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

date
Thu, 25 Mar 2021 19:50:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://plarium.com
access-control-allow-credentials
true
cf-ray
635aabd01ae77367-CPH
content-length
0
cf-request-id
090c89b60f000073673a91c000000001
event
collector.plarium.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.plarium.com/api/event
Protocol
H2
Server
104.16.21.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://plarium.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 25 Mar 2021 19:50:57 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://plarium.com
vary
Origin
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
cf-request-id
090c89b56300007367f5167000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
635aabcef8047367-CPH
dc_pre=CI7aht-bzO8CFUllFQgdL5kMwg;src=9360814;type=reg;cat=match0;match_id=353524479.1616701857;u2=353524479.1616701857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=18672...
adservice.google.com/ddm/fls/z/ Frame 9A44 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CI7aht-bzO8CFUllFQgdL5kMwg;src=9360814;type=reg;cat=match0;match_id=353524479.1616701857;u2=353524479.1616701857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=1867281740691.9417
Requested by
Host: 9360814.fls.doubleclick.net
URL: https://9360814.fls.doubleclick.net/activityi;dc_pre=CI7aht-bzO8CFUllFQgdL5kMwg;src=9360814;type=reg;cat=match0;match_id=353524479.1616701857;u2=353524479.1616701857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=1867281740691.9417?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9360814.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/22851190/
Redirect Chain
  • https://mc.yandex.com/watch/22851190?wmode=7&page-url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_455...
  • https://mc.yandex.com/watch/22851190/1?wmode=7&page-url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4...
184 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/22851190/1?wmode=7&page-url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&page-ref=https%3A%2F%2Fgamesvid.go2cloud.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afp%3A540%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A0%3Als%3A1062013778377%3Ahid%3A578768799%3Az%3A60%3Ai%3A20210325205057%3Aet%3A1616701857%3Ac%3A1%3Arn%3A637710941%3Au%3A1616701857231317652%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616701855545%3Ads%3A0%2C87%2C206%2C114%2C56%2C0%2C%2C260%2C0%2C%2C%2C%2C614%3Adsn%3A1%2C86%2C205%2C115%2C56%2C0%2C%2C148%2C0%2C%2C%2C%2C614%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616701857%3At%3ARAID%3A%20Shadow%20Legends
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
5a1c509d02597cf29bc9b7b3770883a44799b4fac9d82b688980f267c27ff3b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 25-Mar-2021 19:50:57 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://plarium.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
184
x-xss-protection
1; mode=block
expires
Thu, 25-Mar-2021 19:50:57 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:57 GMT
last-modified
Thu, 25-Mar-2021 19:50:57 GMT
location
/watch/22851190/1?wmode=7&page-url=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&page-ref=https%3A%2F%2Fgamesvid.go2cloud.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afp%3A540%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A0%3Als%3A1062013778377%3Ahid%3A578768799%3Az%3A60%3Ai%3A20210325205057%3Aet%3A1616701857%3Ac%3A1%3Arn%3A637710941%3Au%3A1616701857231317652%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616701855545%3Ads%3A0%2C87%2C206%2C114%2C56%2C0%2C%2C260%2C0%2C%2C%2C%2C614%3Adsn%3A1%2C86%2C205%2C115%2C56%2C0%2C%2C148%2C0%2C%2C%2C%2C614%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616701857%3At%3ARAID%3A%20Shadow%20Legends
strict-transport-security
max-age=31536000
access-control-allow-origin
https://plarium.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Thu, 25-Mar-2021 19:50:57 GMT
/
www.swixil.com/ Frame 8FD2 		664 B
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.swixil.com/?affid=0&oid=null
Requested by
Host: all-tcod.com
URL: http://all-tcod.com/clicks/MTkxNDhfMjEyMDg0XzI2XzEzXzE2MTY3MDE0NTQxMzgyNDIxMjQzXjRiNmZmY2M0ZWExMmI0MGM3NzY1MzdlZmU3NDI5MDc0XjIyLjMuMjUuMjAyMQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/ Express
Resource Hash
2a8db259c9cbd2832511121d1e17bd4822d18564c0871c6e760281430424e6e1

Request headers

Host
www.swixil.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://plarium.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://plarium.com/

Response headers

Date
Thu, 25 Mar 2021 19:50:57 GMT
Connection
Keep-Alive
Cache-Control
max-age=18901532
Content-Encoding
gzip
Content-Length
441
Content-Type
text/html; charset=utf-8
Accept-Ranges
bytes
X-Powered-By
Express
ETag
W/"298-Z7/7r1ad9fKrkzC2ZUPe+7qQlKI"
X-HW
1616701857.dop211.sk1.t,1616701857.cds072.sk1.shn,1616701857.dop211.sk1.t,1616701857.cds042.sk1.c
Access-Control-Allow-Origin
*
collect
www.google-analytics.com/j/ 		2 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1008233214&t=event&ni=1&_s=1&dl=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&dr=https%3A%2F%2Fgamesvid.go2cloud.org%2F&ul=en-us&de=UTF-8&dt=RAID%3A%20Shadow%20Legends&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Down&ea=50&el=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&_u=aPDAAEABAAAAAC~&jid=1462044768&gjid=1827299433&cid=353524479.1616701857&tid=UA-121176567-1&_gid=94050587.1616701857&_r=1&gtm=2wg3h05LK4K4N&tc=x&cd2=353524479.1616701857&cd3=1616701857191&cd6=x64&cd7=&cd8=8&z=684866633
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-121176567-1&cid=353524479.1616701857&jid=1462044768&gjid=1827299433&_gid=94050587.1616701857&_u=aPDAAEABAAAAAC~&z=611324735
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 25 Mar 2021 19:50:57 GMT
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-121176567-1&cid=353524479.1616701857&jid=1462044768&_u=aPDAAEABAAAAAC~&z=193485446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-121176567-1&cid=353524479.1616701857&jid=1462044768&_u=aPDAAEABAAAAAC~&z=193485446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:50:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 8FD2 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.swixil.com
URL: https://www.swixil.com/?affid=0&oid=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.swixil.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
lubY4xx3QmXhGLjbvfh3EsP6Wt7JUYMJ+lHv5QTXXw8O1Dg2A4ZasGk9ghpCgn2Mn9LCDtdJ1ojhgPGS3OyI0g==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Thu, 25 Mar 2021 19:50:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-5FNDF9DMY8&gtm=2oe3h0&_p=1008233214&sr=1600x1200&ul=en-us&cid=353524479.1616701857&_s=2&dl=https%3A%2F%2Fplarium.com%2Flandings%2Fen%2Fdesktop%2Fraid%2Fpc_galek_f036_fdb_droapp%3Fplid%3D339100%26pxl%3Dgamesvid%26publisherID%3D2168_4554_12349%26transaction_id%3D102bb698b5268cfed3bcc81e1e4c06&dr=https%3A%2F%2Fgamesvid.go2cloud.org%2F&dt=RAID%3A%20Shadow%20Legends&sid=1616701856&sct=1&seg=0&en=scroll&_et=216&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5FNDF9DMY8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://plarium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 19:51:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mhjfbmdgcfjbbpaeojofohoefgiehjai
URL
chrome-extension://mhjfbmdgcfjbbpaeojofohoefgiehjai/index.html

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| uncl object| google_tag_manager object| google_optimize object| Affilates object| dotq function| obApi object| a object| _tfa number| _zaVerSnippet object| _zaq function| _za_api object| config object| YAHOO function| gtag object| google_tag_data object| PLP string| GoogleAnalyticsObject function| ga object| uetq function| rdt boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| _dlo_rules_ga function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| setImmediate function| clearImmediate object| regeneratorRuntime object| qa object| platform object| __SENTRY__ function| _ number| _zaVerWidget function| gReCaptchaHandler function| handleCriteoCookie function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData function| UET object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels string| _fs_loaded function| _fs_shutdown function| onYouTubeIframeAPIReady object| Ya object| yaCounter22851190

0 Cookies

6 Console Messages

Source Level URL
Text
console-api debug URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/client.js(Line 2)
Message:
[initSentry] sentry is disabled, to force enable it, add force-enable-sentry to the URL
console-api info URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/client.js(Line 2)
Message:
[Desktop][automationLabels] key "form.loginLock.input.TwoFactorCode" not found
console-api warning URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/client.js(Line 2)
Message:
[window.ga not found]
console-api info URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/client.js(Line 2)
Message:
[Desktop][automationLabels] key "form.loginLock.input.TwoFactorCode" not found
console-api info URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/422/v3.0.0/common-desktop/client.js(Line 2)
Message:
[Desktop][automationLabels] key "form.loginLock.input.TwoFactorCode" not found
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Invalid PixelID: null.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9360814.fls.doubleclick.net
adservice.google.com
alb.reddit.com
all-tcod.com
amplify.outbrain.com
analytics.google.com
bat.bing.com
cdn.taboola.com
cdn01.x-plarium.com
collector.plarium.com
connect.facebook.net
d221oziut8gs4d.cloudfront.net
d2xerlamkztbb1.cloudfront.net
default.queit.in
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
gamesvid.go2cloud.org
googleads.g.doubleclick.net
gum.criteo.com
mbi-fchk.x-plarium.com
mc.yandex.com
mc.yandex.ru
mhjfbmdgcfjbbpaeojofohoefgiehjai
plarium.com
playtator.xyz
r.advg.agency
rs.fullstory.com
s.yimg.com
script.crazyegg.com
static.queit.in
static.x-plarium.com
stats.g.doubleclick.net
tr.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.redditstatic.com
www.swixil.com
mhjfbmdgcfjbbpaeojofohoefgiehjai
104.16.21.18
13.226.156.21
13.226.156.44
142.250.185.134
142.250.185.226
151.101.113.140
151.101.13.44
184.30.25.80
184.72.189.105
185.137.235.9
193.200.64.20
193.200.64.30
207.182.155.98
2600:9000:2057:a000:1c:19e4:1d00:93a1
2606:2800:134:f5b:5e9:1832:1d32:106a
2606:4700::6813:9408
2606:4700::6813:ad44
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c04::9c
2a00:1450:400c:c04::9d
2a02:2638:1::13
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
35.186.194.58
35.201.112.186
52.210.2.133
64.202.112.127
69.16.175.10
025c13d9d14d3d0443869db56f42a2182993d629bcc46c048b14a74443875915
02de8430e4681d2806a72609bcbaaab22835c3c78edc00351c8e831991c6706c
06748e97c8e3146494596e2cd6a85b7472e280a4a030135171b09878c0bc3a40
0b5d25d725de817533ea2383733d50bf153071af3405b993cba4f71ff7741017
0b6fb94a28ceef01c4b4ac283f2a973185451d20b3862af8c0e277ce418e7878
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
23423de3cf3c91388b7eea04ab398d2d65be1bd4b9e03d486198c98e18862cf1
261e6f3003ad411a3e74c07ab959e241571672ab06e3873d80daad3c015ce008
2a71b5676ebaa2681e32cd7776f960bde6d7528e41693954c1bc9f7d8d91d264
2a8db259c9cbd2832511121d1e17bd4822d18564c0871c6e760281430424e6e1
2bfd8ec6cf87da9827bbad240b961ef656a5e0f7c6044fa93431fd79868a8160
3392d6f19e5f0fa6ea9414995679e168c4b4fdebb25d9d6b5a103b557a6319e3
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
342a8924d89f14df04a7283f215f6d83a3c33be908925ef31ebfb80d112dcbaa
343335c2c9963287990e3d32aff66480f4cd75a45c85c81219d787642a2dc2f5
379463ffa2ef612c5cf0e2f501a38a28495259bb7fa50c4c86d814b896b30c39
3912dcb6faa2dc3f07a0fadbed320e22755d6e0e2d89313d755031d7961f46bc
3b84732a5ad3295cb16c1da3acda3280f75e633eb53b78b66c6bb1a3e4a7be4c
3cb264f59a18856874af245e27ada9ef0b565848ee9ed4759a4fbf2697267058
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45742e7b55865692642ec7a11796dcf72f8bdc3b0e9810f85f4049ffdf86b122
4da0a71762ba4d75408c2e9409a18301e814b9d9f72a11b15ca838a58e6d46bd
502bf01da1c6054275c1d5f8da09dfd758eccd391e5d70dfa4605a6607396734
520f030bf33670e1a6a89f2cf743b8ec9c631a5c01ca59a5c754486a00d78e23
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58f3bc16507aab1ae441b3dba7b03e853dda9393485413f22726b57c99a7eec4
5a1c509d02597cf29bc9b7b3770883a44799b4fac9d82b688980f267c27ff3b6
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da28aa32ea4ebcaea6a44b773ad62e29e16c288e524ab1be3eba34d6f583303
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
758a6ac807496fb776583c726ab9572e0965c3231218fdfbde0456806aca2a3a
7fbd7ac8fe69e96115bff9e25672a00aa7561968e3458e66c37dccad5127e66b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a1ade86d43a998ae93232045ebd3f15251ac0671fb26d99064a9c43d414ad0b8
a5f2d982c3c018dc09344cb8128f14155faec6e3e847724147879af2a60b1667
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5eb9354ba2ccb86522166107fcc447da54773aff6274da7f94fe7dabde10258
b7b6617091e32857bef93d8f59c76fba9791ce3f6a53e05012421961f3d6a0b6
b96a77bc3747296f26a94c77800cca3722c7e28a53bd3c1538c618a49592299a
bbc2abc262fbe8461186674e24c7e60271162a8611f2763c1d2c7d8b8d31e319
bbff0182d1a1f1af97f7a7d94badc0a4df084f50c09a6213f59fa5305dc120d9
bd54c95d0797eddf14e5ec3f18daef0e6bf76ab90d2cf25594e0761306acd9f7
bee17407c18c2ceaa62783662fa0cfc1da282649a8af03841383a1e61117920f
c3772aafbbc08bae67e3fc3dd13eda925924ba96e3b2700114e420ad3aa8aa35
c49de213e6e898e8a66843bbd53d23ead2c20f74d1cb0dd6a4e88131c64cf589
cc0e4e5c50c06f4ab31d1e1f65f52179ed0d2b4c8dd91fe7c2da3e2b0bb31949
d0da6fd0c9889a9432bc8ea6244785aaca7fd543e01e56b76c254e6efb5f6988
d4bfee2f651e678bae63066e3cef15c39075e007a4c19f71ad43b56c763dc98c
d4c3bec3d45b09408c534359aa425204d9f20f3c1ec26e966502f5aa6b36a61a
da2b641a59235b81ce661d40aeebd7a2caf393b51dc0c533c37aafb54128de20
dd87192dbef4462b09b63c1e70ef7242cc4f90c8a06f6b6dbd6d77a6831a9ab8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a
e17ea36fde3d1266c5cd89dce07f73a7f9572d0776cae569c3d9110781964fbf
e265bd4533d31e8f266c0439d8e585183949b5a288730fc85a37f8503eb7bb85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d
f3d71f12ade0a5e0290aae41b424b97c79f0e193da7029d1b2ae1f728d76a1ab
f9d92dd8d88ba717b48727e906af9b299672a5d3714ed8209e2fbada39b7f94c
fcaeaa872c35b9edc1f1e9cd13c30bc330d1682e219512d067421c5da6773820
ff12958280077b86e5352edd8df6a96630580a06c24b83e0e2f517f64b9d7b2f