koa-pc.kingsgroupgames.com Open in urlscan Pro
54.213.73.194 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rr.tracker.mobiletracking.ru/tcgTd8Fm?cost=&external_id=657756022917566464&creative_id=3714953&ad_campaign_id=6683828&sub_id_...
Effective URL:
https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Submission: On March 09 via manual (March 9th 2023, 6:33:23 pm UTC) from IN — Scanned from DE

Summary HTTP 32 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 12 domains to perform 32 HTTP transactions. The main IP is 54.213.73.194, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is koa-pc.kingsgroupgames.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 10th 2023. Valid for: 7 months.

This is the only time koa-pc.kingsgroupgames.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	142.132.202.215 142.132.202.215	24940 (HETZNER-AS) (HETZNER-AS)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	54.213.73.194 54.213.73.194	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	34.107.220.206 34.107.220.206	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:9000:225... 2600:9000:2251:4800:5:7804:800:93a1	16509 (AMAZON-02) (AMAZON-02)
2	44.226.16.248 44.226.16.248	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
32	10

3 142.132.202.215 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.215.202.132.142.clients.your-server.de

rr.tracker.mobiletracking.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.211.229.246 (Huizen, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.ostlon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.hiasor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.213.73.194 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-73-194.us-west-2.compute.amazonaws.com

koa-pc.kingsgroupgames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.220.206 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.220.107.34.bc.googleusercontent.com

kg-web-cdn.kingsgroupgames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:4800:5:7804:800:93a1 (United States)

ASN16509 (AMAZON-02, US)

koa-logagent-cdn.kingsgroupgames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.226.16.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-226-16-248.us-west-2.compute.amazonaws.com

upload-s3.funplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	kingsgroupgames.com koa-pc.kingsgroupgames.com kg-web-cdn.kingsgroupgames.com — Cisco Umbrella Rank: 243124 koa-logagent-cdn.kingsgroupgames.com	318 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	176 B
3	mobiletracking.ru 1 redirects rr.tracker.mobiletracking.ru — Cisco Umbrella Rank: 497862	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 145	136 KB
2	funplus.com upload-s3.funplus.com — Cisco Umbrella Rank: 677678	659 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	40 KB
1	hiasor.com 1 redirects www.hiasor.com	872 B
1	ostlon.com 1 redirects www.ostlon.com — Cisco Umbrella Rank: 387831	868 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12537	491 B
1	exosrv.com main.exosrv.com — Cisco Umbrella Rank: 334305	448 B
1	exdynsrv.com main.exdynsrv.com — Cisco Umbrella Rank: 316316	450 B
1	exoclick.com main.exoclick.com — Cisco Umbrella Rank: 49165	450 B
32	12

	Domain	Requested by
15	koa-pc.kingsgroupgames.com	rr.tracker.mobiletracking.ru koa-pc.kingsgroupgames.com
3	www.facebook.com	rr.tracker.mobiletracking.ru koa-pc.kingsgroupgames.com
3	rr.tracker.mobiletracking.ru	1 redirects
2	connect.facebook.net	rr.tracker.mobiletracking.ru connect.facebook.net
2	upload-s3.funplus.com	koa-pc.kingsgroupgames.com
2	koa-logagent-cdn.kingsgroupgames.com	koa-pc.kingsgroupgames.com
1	kg-web-cdn.kingsgroupgames.com	koa-pc.kingsgroupgames.com
1	www.googletagmanager.com	koa-pc.kingsgroupgames.com
1	www.hiasor.com	1 redirects
1	www.ostlon.com	1 redirects
1	my.rtmark.net	rr.tracker.mobiletracking.ru
1	main.exosrv.com	rr.tracker.mobiletracking.ru
1	main.exdynsrv.com	rr.tracker.mobiletracking.ru
1	main.exoclick.com	rr.tracker.mobiletracking.ru
32	14

This site contains links to these domains. Also see Links.

Domain
funplus.com

Subject Issuer	Validity	Valid
rr.tracker.mobiletracking.ru R3	`2023-03-04` - `2023-06-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-17`	2 months	crt.sh
exoclick.com R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
exdynsrv.com R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
exosrv.com R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
rtmark.net R3	`2023-02-15` - `2023-05-16`	3 months	crt.sh
*.kingsgroupgames.com Amazon RSA 2048 M02	`2023-02-10` - `2023-09-11`	7 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
kg-web-cdn.kingsgroupgames.com GTS CA 1D4	`2023-01-13` - `2023-04-13`	3 months	crt.sh
*.funplus.com Amazon RSA 2048 M01	`2023-02-10` - `2023-05-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Frame ID: 25A25CF3F96210D355D25F774AB09408
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

King of Avalon

Page URL History Show full URLs

https://rr.tracker.mobiletracking.ru/tcgTd8Fm?cost=&external_id=657756022917566464&creative_id=3714953&ad_campaig... Page URL
https://rr.tracker.mobiletracking.ru/?_lp=1&_token=uuid_30hduha4j4039_30hduha4j4039640a266b98cbf7.38709120&sub_id... HTTP 302
https://www.ostlon.com/5L5J2G2/K8GQD51/?uid=4673&sub1=36&sub2=30hduha4j4039 HTTP 302
https://www.hiasor.com/5L5J2G2/K4HMP8F/?__rpt=0&__po=9184&__ptid=762cf5d633564717bc25f06ff7f41279&_... HTTP 302
https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM Page URL

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

32
Requests

100 %
HTTPS

45 %
IPv6

12
Domains

14
Subdomains

10
IPs

4
Countries

504 kB
Transfer

9016 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://funplus.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://funplus.com/terms-conditions/
Title: Terms and Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rr.tracker.mobiletracking.ru/tcgTd8Fm?cost=&external_id=657756022917566464&creative_id=3714953&ad_campaign_id=6683828&sub_id_1={city}&sub_id_2=16929691&sub_id_3={user_activity}&sub_id_4={region} Page URL
https://rr.tracker.mobiletracking.ru/?_lp=1&_token=uuid_30hduha4j4039_30hduha4j4039640a266b98cbf7.38709120&sub_id_10=1600x1200&sub_id_9=iframe_false&sub_id_11=+0000&sub_id_12=Intel%20Iris%20OpenGL%20Engine&sub_id_13=Win32&sub_id_14=4&sub_id_15=8&extra_param_9=0 HTTP 302
https://www.ostlon.com/5L5J2G2/K8GQD51/?uid=4673&sub1=36&sub2=30hduha4j4039 HTTP 302
https://www.hiasor.com/5L5J2G2/K4HMP8F/?__rpt=0&__po=9184&__ptid=762cf5d633564717bc25f06ff7f41279&__rpa=0&__rc=1&sub1=36&sub2=30hduha4j4039&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK tcgTd8Fm
rr.tracker.mobiletracking.ru/ 20 KB
6 KB 512ms
20ms Document
text/html 142.132.202.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rr.tracker.mobiletracking.ru/tcgTd8Fm?cost=&external_id=657756022917566464&creative_id=3714953&ad_campaign_id=6683828&sub_id_1={city}&sub_id_2=16929691&sub_id_3={user_activity}&sub_id_4={region}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.202.132.142.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Mar 2023 18:33:15 GMT
Expires: 0
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 login.php
www.facebook.com/ 0
0 97ms
68ms Image
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico
Requested by: Host: rr.tracker.mobiletracking.ru
URL: https://rr.tracker.mobiletracking.ru/tcgTd8Fm?cost=&external_id=657756022917566464&creative_id=3714953&ad_campaign_id=6683828&sub_id_1={city}&sub_id_2=16929691&sub_id_3={user_activity}&sub_id_4={region}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
450 B 58ms
15ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=175bfaeb2df3ef7a0707a2e734ea1fc3
Requested by: Host: rr.tracker.mobiletracking.ru
URL: https://rr.tracker.mobiletracking.ru/tcgTd8Fm?cost=&external_id=657756022917566464&creative_id=3714953&ad_campaign_id=6683828&sub_id_1={city}&sub_id_2=16929691&sub_id_3={user_activity}&sub_id_4={region}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 18:33:15 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
X-Robots-Tag: noindex, follow
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ 0
450 B 61ms
15ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=175bfaeb2df3ef7a0707a2e734ea1fc3
Requested by: Host: rr.tracker.mobiletracking.ru
URL: https://rr.tracker.mobiletracking.ru/tcgTd8Fm?cost=&external_id=657756022917566464&creative_id=3714953&ad_campaign_id=6683828&sub_id_1={city}&sub_id_2=16929691&sub_id_3={user_activity}&sub_id_4={region}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 18:33:15 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
X-Robots-Tag: noindex, follow
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exosrv.com/ 0
448 B 345ms
15ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exosrv.com/tag.php?goal=175bfaeb2df3ef7a0707a2e734ea1fc3
Requested by: Host: rr.tracker.mobiletracking.ru
URL: https://rr.tracker.mobiletracking.ru/tcgTd8Fm?cost=&external_id=657756022917566464&creative_id=3714953&ad_campaign_id=6683828&sub_id_1={city}&sub_id_2=16929691&sub_id_3={user_activity}&sub_id_4={region}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 18:33:15 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
X-Robots-Tag: noindex, follow
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 65ms
21ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&lr=1&partner=9cbf441efd726fdd8cd1822b42e7e39b37c315370d77c165b00b5dc37973247b

Requested by

Host: rr.tracker.mobiletracking.ru
URL: https://rr.tracker.mobiletracking.ru/tcgTd8Fm?cost=&external_id=657756022917566464&creative_id=3714953&ad_campaign_id=6683828&sub_id_1={city}&sub_id_2=16929691&sub_id_3={user_activity}&sub_id_4={region}

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:15 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

Primary Request / Show response
koa-pc.kingsgroupgames.com/
Redirect Chain

https://rr.tracker.mobiletracking.ru/?_lp=1&_token=uuid_30hduha4j4039_30hduha4j4039640a266b98cbf7.38709120&sub_id_10=1600x1200&sub_id_9=iframe_false&sub_id_11=+0000&sub_id_12=Intel%20Iris%20OpenGL%...
https://www.ostlon.com/5L5J2G2/K8GQD51/?uid=4673&sub1=36&sub2=30hduha4j4039
https://www.hiasor.com/5L5J2G2/K4HMP8F/?__rpt=0&__po=9184&__ptid=762cf5d633564717bc25f06ff7f41279&__rpa=0&__rc=1&sub1=36&sub2=30hduha4j4039&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM

2 KB
1 KB

813ms
172ms

Document
text/html

54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Requested by: Host: rr.tracker.mobiletracking.ru
URL: https://rr.tracker.mobiletracking.ru/tcgTd8Fm?cost=&external_id=657756022917566464&creative_id=3714953&ad_campaign_id=6683828&sub_id_1={city}&sub_id_2=16929691&sub_id_3={user_activity}&sub_id_4={region}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 1bb613df7d3d2b6fbe8502a95778477eb4815d565fbd98123a49897b4a635549

Request headers

Referer: https://rr.tracker.mobiletracking.ru/tcgTd8Fm?cost=&external_id=657756022917566464&creative_id=3714953&ad_campaign_id=6683828&sub_id_1={city}&sub_id_2=16929691&sub_id_3={user_activity}&sub_id_4={region}
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 18:33:16 GMT
etag: W/"63e2161e-93c"
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
vary: Accept-Encoding

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a5567c2a89ebbf8-FRA
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 18:33:16 GMT
location: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iP45pmix%2F1IBDv9k2ii1FjmCZy%2BlPOd4JGnKUJZY72ExFQzl6wchoNMloc96NASKhOd3l0jTDUZAnxpW3eqrFxVFt462r7Cwr1IkPTFNsXauU%2Bp52IRJpOhmO4%2Fg5ksr5ia%2FcfnDcx0jDu%2FSEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-eflow-request-id: e53d2432-9ad2-4bb6-9113-f3587855d371
x-served-by: cache-fra-eddf8230104-FRA
x-timer: S1678386796.956330,VS0,VE121

GET
H/1.1 200
OK tcgTd8Fm
rr.tracker.mobiletracking.ru/ 0
251 B 26ms
12ms Image
text/plain 142.132.202.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rr.tracker.mobiletracking.ru/tcgTd8Fm?sub_id=30hduha4j4039&_update_tokens=1&extra_param_8=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.202.132.142.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rr.tracker.mobiletracking.ru/tcgTd8Fm?cost=&external_id=657756022917566464&creative_id=3714953&ad_campaign_id=6683828&sub_id_1={city}&sub_id_2=16929691&sub_id_3={user_activity}&sub_id_4={region}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 18:33:15 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 index.css
koa-pc.kingsgroupgames.com/static/style/ 15 KB
4 KB 172ms
171ms Stylesheet
text/css 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://koa-pc.kingsgroupgames.com/static/style/index.css
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: cc3fcdee63acac016d90c1442e3e74730867df17a30cc0e169f5f6a506b94719

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:16 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-3a89"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 logo.png
koa-pc.kingsgroupgames.com/static/img/ 10 KB
10 KB 172ms
172ms Image
image/png 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koa-pc.kingsgroupgames.com/static/img/logo.png
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 5d93f19ddbeb243c60b80de94ce3560a41e51e114e498f6af496030acda0e7f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:16 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-28d1"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 rewards-1.png
koa-pc.kingsgroupgames.com/static/img/ 72 KB
72 KB 345ms
344ms Image
image/png 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koa-pc.kingsgroupgames.com/static/img/rewards-1.png
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: a6ad74d0dad8c40cfec7a8bd79a55984105fd7d11a2a09ffec280bc921e491b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-11fe5"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 giftcode-1-en.png
koa-pc.kingsgroupgames.com/static/img/ 49 KB
49 KB 340ms
339ms Image
image/png 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koa-pc.kingsgroupgames.com/static/img/giftcode-1-en.png
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 39c23537909e696bf6c68a89cdbd9374cdbb08cf69ac254de193a9dff81ba751

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-c31c"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 copy.png
koa-pc.kingsgroupgames.com/static/img/ 1 KB
2 KB 174ms
173ms Image
image/png 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koa-pc.kingsgroupgames.com/static/img/copy.png
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: c5f0b7ab98436d7e2319a233cb34c42cd659c711cbdda12e8bd985c992ae98b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-59f"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 pc-notice-en.png
koa-pc.kingsgroupgames.com/static/img/ 4 KB
5 KB 345ms
344ms Image
image/png 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koa-pc.kingsgroupgames.com/static/img/pc-notice-en.png
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 863fbeedcd6916f51feab9370f1601734b4d4eb093df4c451543d517d2a77401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-11b2"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 btn-1-en.png
koa-pc.kingsgroupgames.com/static/img/ 34 KB
34 KB 345ms
344ms Image
image/png 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koa-pc.kingsgroupgames.com/static/img/btn-1-en.png
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bef526368c59466d2cd58b46c5f26d3e27691fc3e7981ae3add0fc10590ee814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-8834"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 md5.min.js Show response
koa-pc.kingsgroupgames.com/static/script/ 4 KB
2 KB 172ms
171ms Script
application/javascript 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://koa-pc.kingsgroupgames.com/static/script/md5.min.js
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4a6f595b0dc8da4137124d01aa2ec4f3341b5007a4a0668aa93c508a54636ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-e72"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 clipboard.min.js Show response
koa-pc.kingsgroupgames.com/static/script/ 9 KB
4 KB 172ms
171ms Script
application/javascript 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://koa-pc.kingsgroupgames.com/static/script/clipboard.min.js
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-23c8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 custom.js Show response
koa-pc.kingsgroupgames.com/static/script/ 19 KB
7 KB 173ms
172ms Script
application/javascript 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://koa-pc.kingsgroupgames.com/static/script/custom.js
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 47b8559e33303c8dc0d63c83ccad35a6f4b3b7aaea76bfca60e190d0216d6c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-4d00"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
40 KB 136ms
51ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRZ44R9

Requested by

Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9aa875223857807fe5112d8e2d1cdf223873534144c26631e376b9bc9f78e3af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40809
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 18:33:17 GMT

GET
H2 206 video_1.mp4
kg-web-cdn.kingsgroupgames.com/official-website/pc-landing/koa/static/ 8 MB
0 89ms
45ms Media
video/mp4 34.107.220.206
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://kg-web-cdn.kingsgroupgames.com/official-website/pc-landing/koa/static/video_1.mp4
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.220.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 206.220.107.34.bc.googleusercontent.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://koa-pc.kingsgroupgames.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 07 Mar 2023 05:49:22 GMT
via: 1.1 58a361324cd2b1576fcc05c5471b9b12.cloudfront.net (CloudFront), 1.1 google
x-amz-cf-pop: AMS54-C1
age: 218635
x-cache: Hit from cloudfront
Content-Range: bytes 0-9465730/9465731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 9465731
last-modified: Mon, 19 Sep 2022 11:25:24 GMT
server: AmazonS3
etag: "00740e9ce8061f616a4e9e9e19a9e665-2"
vary: Origin
content-type: video/mp4
cache-control: public,max-age=3600
accept-ranges: bytes
x-amz-cf-id: mxS-3SstMlHE1GFhts1ku6e0XLygjaB4Y2B26AAGEaUP7cT3Oq62wg==
is_hit: hit

GET
H2 200 arrow-en.png
koa-pc.kingsgroupgames.com/static/img/ 12 KB
12 KB 339ms
335ms Image
image/png 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koa-pc.kingsgroupgames.com/static/img/arrow-en.png
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 153942c07d8ca873665b1bd114d0b2be723cae0f9d2b0d507b2be692cfc40cdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-2e85"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 notice-other-en.png
koa-pc.kingsgroupgames.com/static/img/ 85 KB
85 KB 340ms
336ms Image
image/png 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koa-pc.kingsgroupgames.com/static/img/notice-other-en.png
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 25e22975bae9624d62c604be7fa4e07655ea63f3ae7e1200ce4fb74b23290b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-15424"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 notice-other-corner.png
koa-pc.kingsgroupgames.com/static/img/ 5 KB
5 KB 340ms
335ms Image
image/png 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koa-pc.kingsgroupgames.com/static/img/notice-other-corner.png
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 632a337a03d03bb05b607c42cb25751235db70e184d70d4e2b9ace484a7e1699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-12a9"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 arrow-other-en.png
koa-pc.kingsgroupgames.com/static/img/ 25 KB
25 KB 379ms
374ms Image
image/png 54.213.73.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koa-pc.kingsgroupgames.com/static/img/arrow-other-en.png
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.73.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-73-194.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: cdcd18209a3d0de143832330fd2de5bc2e53adfcbbddffa3c74fdce398314d31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:13:02 GMT
server: nginx/1.16.1
etag: W/"63e2161e-6332"
vary: Accept-Encoding
content-type: image/png

OPTIONS
H2 204 log
koa-logagent-cdn.kingsgroupgames.com/ 0
0 388ms
303ms Preflight 2600:9000:2251:4800:5:7804:800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://koa-logagent-cdn.kingsgroupgames.com/log?tag=funplus.global.prod.pc_core&timestamp=1678386797265&signature=43094ba93579d566eeefcad09731c92d&num=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4800:5:7804:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://koa-pc.kingsgroupgames.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
date: Thu, 09 Mar 2023 18:33:17 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-id: GbCYlcBhcwAp77EdVYYnKt0DlR-p2BQv5lYATa1jt55wySKuLycqHQ==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront

POST
H2 200 log Show response
koa-logagent-cdn.kingsgroupgames.com/ 2 B
412 B 288ms
288ms XHR
application/json 2600:9000:2251:4800:5:7804:800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://koa-logagent-cdn.kingsgroupgames.com/log?tag=funplus.global.prod.pc_core&timestamp=1678386797265&signature=43094ba93579d566eeefcad09731c92d&num=1
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/static/script/custom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4800:5:7804:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://koa-pc.kingsgroupgames.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 09 Mar 2023 18:33:17 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 2
x-amz-cf-id: 9xiabmIQP0eEl6CVzDhDl5CJ2LIOASoZFvL6ZDz6UgUL1vYUR0T1_Q==

POST
H2 200 event Show response
upload-s3.funplus.com/api/upload_s3/ 47 B
659 B 545ms
183ms Fetch
application/json 44.226.16.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upload-s3.funplus.com/api/upload_s3/event
Requested by: Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/static/script/custom.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.226.16.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-226-16-248.us-west-2.compute.amazonaws.com
Software: nginx/1.15.11 /
Resource Hash: ce7c8fa19839cc68faa50b068abce1a5e201c23d6c426561163ccb14c80c8874

Request headers

deviceid: null
event: pc_page_view
accept-language: de-DE,de;q=0.9
env: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM
x-content-secret: CB5+bcZ0R2TEVJ+jn8H6ULM0PL42dsaK1Wwr+DEyx4g=
content
content-type: application/json
osversion: win64
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Referer: https://koa-pc.kingsgroupgames.com/
appid: 62fef5d838fd9e09520e7c34
platform: Windows
appversion: null

Response headers

x-trace-id: Root=1-640a266e-632a67d4576259c02feea656
x-logid: Root=1-640a266e-632a67d4576259c02feea656
date: Thu, 09 Mar 2023 18:33:18 GMT
server: nginx/1.15.11
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://koa-pc.kingsgroupgames.com
access-control-expose-headers: x-logid
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Origin,User-Agent,X-AppId,X-AppVersion,X-Content-Security,X-Timezone,X-Device-Id,X-AppChannel,Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Cache-Control, Content-Language, Content-Type,appId,env,platform,event,appVersion,deviceId,country,content,X-Content-Secret,osVersion,clickcode
content-length: 47
x-cost: 0.002

OPTIONS
H2 204 event
upload-s3.funplus.com/api/upload_s3/ 0
0 585ms
169ms Preflight 44.226.16.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upload-s3.funplus.com/api/upload_s3/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.226.16.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-226-16-248.us-west-2.compute.amazonaws.com
Software: nginx/1.15.11 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: appid,appversion,content,content-type,deviceid,env,event,osversion,platform,x-content-secret
Access-Control-Request-Method: POST
Origin: https://koa-pc.kingsgroupgames.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Origin,User-Agent,X-AppId,X-AppVersion,X-Content-Security,X-Timezone,X-Device-Id,X-AppChannel,Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Cache-Control, Content-Language, Content-Type,appId,env,platform,event,appVersion,deviceId,country,content,X-Content-Secret,osVersion,clickcode
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://koa-pc.kingsgroupgames.com
access-control-expose-headers: x-logid
access-control-max-age: 1728000
date: Thu, 09 Mar 2023 18:33:17 GMT
server: nginx/1.15.11

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 66ms
13ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Mar 2023 18:33:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: my/rD8+IUdn+jnpRX437HOOiQJEnllKQ0vxOjKAXj7smdKYe5JVU9UECJeSgOcJhZh6Py5QkdoFMDYYiXD+Saw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 401322868819033 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/401322868819033?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7ea079de320a1a1890a7e5671c5cccf0e396706fb8d1c0e826137d5b322f9361

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Mar 2023 18:33:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110256
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ZPvCl8ssXAjwA/P8A93XSSje7IRnNj6Y1d6qKHg4Pu/KBmPrshCvsOIZZXMw0L8/qvNpg3LU8q28laiedmkyeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
158 B 7ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=401322868819033&ev=PageView&dl=https%3A%2F%2Fkoa-pc.kingsgroupgames.com%2F%3Fcampaign%3Dpwngames%26source%3DOOM&rl=https%3A%2F%2Frr.tracker.mobiletracking.ru%2F&if=false&ts=1678386797405&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678386797403.1485552044&it=1678386797365&coo=false&rqm=GET

Requested by

Host: koa-pc.kingsgroupgames.com
URL: https://koa-pc.kingsgroupgames.com/?campaign=pwngames&source=OOM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Mar 2023 18:33:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 7ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=401322868819033&ev=Microdata&dl=https%3A%2F%2Fkoa-pc.kingsgroupgames.com%2F%3Fcampaign%3Dpwngames%26source%3DOOM&rl=https%3A%2F%2Frr.tracker.mobiletracking.ru%2F&if=false&ts=1678386797908&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22King%20of%20Avalon%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22King%20of%20Avalon%22%2C%22og%3Adescription%22%3A%22Build%20your%20own%20kingdom%20and%20find%20alliances%20to%20defend%20your%20people.%20Use%20your%20dragons%20against%20your%20enemies%20and%20conquest%20new%20territories.%20Become%20the%20ruler%20of%20every%20realm!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fkoa-pc.kingsgroupgames.com%2Fstatic%2Fimg%2Fshare.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.98&r=stable&ec=1&o=30&fbp=fb.1.1678386797403.1485552044&it=1678386797365&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koa-pc.kingsgroupgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Mar 2023 18:33:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rr.tracker.mobiletracking.ru/	1970-01-20 10:57:45	Name: _subid Value: 30hduha4j4039
rr.tracker.mobiletracking.ru/	1970-01-20 19:49:06	Name: 4604d Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU3NTlcIjoxNjc4Mzg2Nzk1fSxcImNhbXBhaWduc1wiOntcIjMzMzlcIjoxNjc4Mzg2Nzk1fSxcInRpbWVcIjoxNjc4Mzg2Nzk1fSJ9.AzQcMdPvGQmmZYsVQEAIOZKKgCwRSV4HPp5k9PP_ixE
rr.tracker.mobiletracking.ru/	1970-01-20 10:57:45	Name: _token Value: uuid_30hduha4j4039_30hduha4j4039640a266b98cbf7.38709120
.exoclick.com/	1970-01-20 18:58:42	Name: goals Value: a%3A1%3A%7Bi%3A82615%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-03-09%22%3B%7D%7D
.exdynsrv.com/	1970-01-20 18:58:42	Name: goals Value: a%3A1%3A%7Bi%3A82615%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-03-09%22%3B%7D%7D
my.rtmark.net/	1970-01-20 18:58:42	Name: ID Value: bb30d0ed1cd947f99d1d1d532c2c8e6b
www.ostlon.com/	1970-01-20 10:14:33	Name: uniqueClick_K8GQD51 Value: 60b7a8d1-50db-4874-9e25-3fbc79606d2b:1678386795
.exosrv.com/	1970-01-20 18:58:42	Name: goals Value: a%3A1%3A%7Bi%3A82615%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-03-09%22%3B%7D%7D
www.hiasor.com/	1970-01-20 10:14:33	Name: uniqueClick_K4HMP8F Value: 5e16a691-6775-451c-bfcb-7be66e066a6e:1678386796
www.hiasor.com/	1970-01-20 12:22:42	Name: transaction_id Value: 626bf3aafdec42f0b46aa23c0438e0c1
.kingsgroupgames.com/	1970-01-20 12:22:42	Name: _fbp Value: fb.1.1678386797403.1485552044

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
kg-web-cdn.kingsgroupgames.com
koa-logagent-cdn.kingsgroupgames.com
koa-pc.kingsgroupgames.com
main.exdynsrv.com
main.exoclick.com
main.exosrv.com
my.rtmark.net
rr.tracker.mobiletracking.ru
upload-s3.funplus.com
www.facebook.com
www.googletagmanager.com
www.hiasor.com
www.ostlon.com
139.45.195.8
142.132.202.215
2600:9000:2251:4800:5:7804:800:93a1
2a00:1450:4001:827::2008
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
34.107.220.206
44.226.16.248
54.213.73.194
95.211.229.246
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
153942c07d8ca873665b1bd114d0b2be723cae0f9d2b0d507b2be692cfc40cdd
1bb613df7d3d2b6fbe8502a95778477eb4815d565fbd98123a49897b4a635549
25e22975bae9624d62c604be7fa4e07655ea63f3ae7e1200ce4fb74b23290b5a
39c23537909e696bf6c68a89cdbd9374cdbb08cf69ac254de193a9dff81ba751
47b8559e33303c8dc0d63c83ccad35a6f4b3b7aaea76bfca60e190d0216d6c27
4a6f595b0dc8da4137124d01aa2ec4f3341b5007a4a0668aa93c508a54636ec0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d93f19ddbeb243c60b80de94ce3560a41e51e114e498f6af496030acda0e7f5
632a337a03d03bb05b607c42cb25751235db70e184d70d4e2b9ace484a7e1699
7ea079de320a1a1890a7e5671c5cccf0e396706fb8d1c0e826137d5b322f9361
863fbeedcd6916f51feab9370f1601734b4d4eb093df4c451543d517d2a77401
9aa875223857807fe5112d8e2d1cdf223873534144c26631e376b9bc9f78e3af
a6ad74d0dad8c40cfec7a8bd79a55984105fd7d11a2a09ffec280bc921e491b2
bef526368c59466d2cd58b46c5f26d3e27691fc3e7981ae3add0fc10590ee814
c5f0b7ab98436d7e2319a233cb34c42cd659c711cbdda12e8bd985c992ae98b1
cc3fcdee63acac016d90c1442e3e74730867df17a30cc0e169f5f6a506b94719
cdcd18209a3d0de143832330fd2de5bc2e53adfcbbddffa3c74fdce398314d31
ce7c8fa19839cc68faa50b068abce1a5e201c23d6c426561163ccb14c80c8874
e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

koa-pc.kingsgroupgames.com Open in urlscan Pro 54.213.73.194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

45 %IPv6

12 Domains

14 Subdomains

10 IPs

4 Countries

504 kBTransfer

9016 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

koa-pc.kingsgroupgames.com Open in urlscan Pro
54.213.73.194 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

45 %
IPv6

12
Domains

14
Subdomains

10
IPs

4
Countries

504 kB
Transfer

9016 kB
Size

11
Cookies

32 HTTP transactions
0 data transactions