x.la Open in urlscan Pro
34.41.17.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://x.la/runescape
Effective URL:
https://x.la/runescape
Submission Tags: @phish_report
Submission: On November 21 via api (November 21st 2024, 10:59:03 am UTC) from FI — Scanned from FI

Summary HTTP 63 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 13 domains to perform 63 HTTP transactions. The main IP is 34.41.17.27, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is x.la.
TLS certificate: Issued by R11 on October 1st 2024. Valid for: 3 months.

This is the only time x.la was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	34.41.17.27 34.41.17.27	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
29	35.219.200.17 35.219.200.17	19527 (GOOGLE-2) (GOOGLE-2)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	185.30.21.72 185.30.21.72	60527 (XSOLLA-AS...) (XSOLLA-AS Xsolla (USA))
2	23.214.117.90 23.214.117.90	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.0.114 151.101.0.114	54113 (FASTLY) (FASTLY)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
2	34.196.24.78 34.196.24.78	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
3	23.96.124.68 23.96.124.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
63	18

3 34.41.17.27 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 27.17.41.34.bc.googleusercontent.com

x.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 35.219.200.17 (United States)

ASN19527 (GOOGLE-2, US)
PTR: 17.200.219.35.bc.googleusercontent.com

runescape--lfgapi.us-central1.hosted.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.30.21.72 (United States)

ASN60527 (XSOLLA-AS Xsolla (USA), Inc, US)

consent-api.xsolla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.214.117.90 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a23-214-117-90.deploy.static.akamaitechnologies.com

cdn.xsolla.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.114 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.196.24.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-24-78.compute-1.amazonaws.com

xsolla.us-6.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

id.xsolla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.124.68 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	hosted.app runescape--lfgapi.us-central1.hosted.app	2 MB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 625 s.clarity.ms — Cisco Umbrella Rank: 7882 c.clarity.ms — Cisco Umbrella Rank: 1269	30 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 3
3	xsolla.com consent-api.xsolla.com — Cisco Umbrella Rank: 383591 datagather.xsolla.com Failed id.xsolla.com	548 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	239 KB
3	x.la x.la	5 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	evergage.com xsolla.us-6.evergage.com	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	74 KB
2	xsolla.net cdn.xsolla.net — Cisco Umbrella Rank: 93919	89 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182	537 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 205	772 B
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 3960	44 KB
63	13

	Domain	Requested by
29	runescape--lfgapi.us-central1.hosted.app	x.la runescape--lfgapi.us-central1.hosted.app
4	analytics.google.com	www.googletagmanager.com
3	s.clarity.ms	www.clarity.ms
3	www.googletagmanager.com	x.la www.googletagmanager.com
3	x.la	runescape--lfgapi.us-central1.hosted.app
2	c.clarity.ms	1 redirects
2	www.facebook.com	x.la
2	xsolla.us-6.evergage.com	cdn.evgnet.com
2	connect.facebook.net	x.la connect.facebook.net
2	www.clarity.ms	x.la www.clarity.ms
2	cdn.xsolla.net	runescape--lfgapi.us-central1.hosted.app
2	consent-api.xsolla.com	runescape--lfgapi.us-central1.hosted.app
1	c.bing.com	1 redirects
1	id.xsolla.com	runescape--lfgapi.us-central1.hosted.app
1	cdn.evgnet.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
0	datagather.xsolla.com Failed	runescape--lfgapi.us-central1.hosted.app
63	19

This site contains links to these domains. Also see Links.

Domain
instagram.com
twitter.com
youtube.com

Subject Issuer	Validity	Valid
www.x.la R11	`2024-10-01` - `2024-12-30`	3 months	crt.sh
runescape--lfgapi.us-central1.hosted.app WR3	`2024-11-09` - `2025-02-07`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.xsolla.com Thawte TLS RSA CA G1	`2024-08-19` - `2025-09-19`	a year	crt.sh
cdn.xsolla.net DigiCert TLS RSA SHA256 2020 CA1	`2024-07-26` - `2025-07-28`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-02-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.us-6.evergage.com Amazon RSA 2048 M03	`2024-10-13` - `2025-11-11`	a year	crt.sh
id.xsolla.com WR3	`2024-10-25` - `2025-01-23`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://x.la/runescape
Frame ID: CB519C03DF295C566EBAE711489B0E7A
Requests: 59 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-QMYFZVFR26&gacid=331446657.1732186736&gtm=45je4bk0v9170309620za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=256721806
Frame ID: DAD38F5351B94AEFCCBC60386205306B
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fx.la
Frame ID: 34243C1B1C90802316367A8BCEC59AB2
Requests: 1 HTTP requests in this frame

Frame: https://id.xsolla.com/?locale=en-US&position=top-right&enabledOrbs=%5B%5D&loginProjectId=dcc83710-3bdd-4808-a6fd-e75f99f509fc&trackId=173218673666181MzcuMzY%3D&isMobile=false&theme=theme-dark
Frame ID: D7FDF6BAF99D6171011BC2E837277EE6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://x.la/runescape HTTP 307
https://x.la/runescape Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

63
Requests

94 %
HTTPS

39 %
IPv6

13
Domains

19
Subdomains

18
IPs

5
Countries

2777 kB
Transfer

4779 kB
Size

24
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://instagram.com/runescape

Search URL Search Domain Scan URL

URL: https://twitter.com/runescape

Search URL Search Domain Scan URL

URL: https://youtube.com/runescape

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://x.la/runescape HTTP 307
https://x.la/runescape Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=875F5118BEE846EDBE1A2F68967C67BE&RedC=c.clarity.ms&MXFR=21ED6A98B01868D13D1C7FA6B4186652 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=875F5118BEE846EDBE1A2F68967C67BE&MUID=309F50121F7E6AAC2F7F452C1EAC6BA6

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request runescape Show response
x.la/
Redirect Chain

http://x.la/runescape
https://x.la/runescape

8 KB
3 KB

563ms
206ms

Document
text/html

34.41.17.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://x.la/runescape

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.41.17.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.17.41.34.bc.googleusercontent.com

Software

nginx / Next.js

Resource Hash

fb9398a4e1559aca8494e6492f4ddf950276c3b48dcfe128d7df172fdb98452a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=60,s-maxage=3600,stale-while-revalidate
cdn-cache-status: miss
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 21 Nov 2024 10:58:55 GMT
etag: "aqdmxhqm5i6gm"
server: nginx
server-timing: l2gfet4t7; dur=30
strict-transport-security: max-age=31536000; includeSubDomains
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
via: 1.1 google
x-nextjs-cache: HIT
x-powered-by: Next.js
x-served-by: x.la

Redirect headers

Location: https://x.la/runescape
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 3023dd26425f01c1.css
runescape--lfgapi.us-central1.hosted.app/_next/static/css/ 12 KB
2 KB 559ms
275ms Stylesheet
text/css 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/3023dd26425f01c1.css
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 8c342ff6e24dc92f745c135dc9948b56767c734045a048bfae15bf9128442efe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
etag: W/"2f51-49773873e8"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=23
date: Thu, 21 Nov 2024 10:58:55 GMT
x-cloud-trace-context: 225dcc6075f616d54ab5f55fee998e25
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=120
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
content-length: 2081
server: envoy

GET
H2 200 858e2309db923426.css
runescape--lfgapi.us-central1.hosted.app/_next/static/css/ 45 KB
9 KB 597ms
314ms Stylesheet
text/css 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 42be29f0ad704383fd2d01660718d50974ea41db62f6ef49f3be73ef363ee4ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: public,max-age=120
content-encoding: gzip
etag: W/"b2fa-49773873e8"
cdn-cache-status: miss
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=37
date: Thu, 21 Nov 2024 10:58:55 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
vary: Accept-Encoding

GET
H2 200 webpack-04e0f0da70db0d6a.js Show response
runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/ 4 KB
2 KB 541ms
278ms Script
application/javascript 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/webpack-04e0f0da70db0d6a.js
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: a23c0cbe51c2f241c09ea3f481a31b158e0355e467178f3eda837ec1ca8fc652

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
etag: W/"efb-49773873e8"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=34
date: Thu, 21 Nov 2024 10:58:55 GMT
x-cloud-trace-context: c3a78318024fe8393c6405ca79f390dd
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=120
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
content-length: 1812
server: envoy

GET
H2 200 fd9d1056-56801f1d15ced78a.js Show response
runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/ 169 KB
53 KB 463ms
201ms Script
application/javascript 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/fd9d1056-56801f1d15ced78a.js
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 71ed963804cbd4b773b16a2e290fb534288140999cca4833a8ff300a9d72a9b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
etag: W/"2a31f-49773873e8"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=25
date: Thu, 21 Nov 2024 10:58:55 GMT
x-cloud-trace-context: d34ebd8ed9bf4f0577c61798e2668ed9
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=120
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
content-length: 53742
server: envoy

GET
H2 200 23-d806635937183afc.js Show response
runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/ 120 KB
31 KB 544ms
282ms Script
application/javascript 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/23-d806635937183afc.js
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 433d1cc1d2d3382200a71f771aa921cc4a3e90294e56cdeda72776a023fc013d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
etag: W/"1e123-49773873e8"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=25
date: Thu, 21 Nov 2024 10:58:55 GMT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-cloud-trace-context: d85751ca75c2a93bef9d16e4daa24168
cache-control: public,max-age=120
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
content-length: 31554
server: envoy

GET
H2 200 main-app-a3a7cdb64cd3c793.js Show response
runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/ 462 B
565 B 576ms
314ms Script
application/javascript 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/main-app-a3a7cdb64cd3c793.js
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 451677e8d3a09f1487633de87e119b48fd02a5fc9ea05c62c585cf607526c280

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: public,max-age=120
etag: W/"1ce-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=25
content-length: 462
date: Thu, 21 Nov 2024 10:58:55 GMT
x-cloud-trace-context: e950dd31627dc8f6d868fbc1c70a86c8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding

GET
H2 200 588-7690b2387e0f8719.js Show response
runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/ 49 KB
16 KB 351ms
350ms Script
application/javascript 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/588-7690b2387e0f8719.js
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 65cb8dd1d576d1801ce0c4131a0c43aa3b056edc79e24441dceff367f98e8657

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
etag: W/"c359-49773873e8"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=27
date: Thu, 21 Nov 2024 10:58:55 GMT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-cloud-trace-context: 5bfc9902955fe3edeb1d475d28511c10
cache-control: public,max-age=120
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
content-length: 16202
server: envoy

GET
H2 200 layout-bfb0a75b5de87de6.js Show response
runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/app/ 14 KB
5 KB 331ms
330ms Script
application/javascript 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/app/layout-bfb0a75b5de87de6.js
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: fdfe4043e074cb26be38b6fb9be59b981a507e99406201bb5ff0cdb9906eb390

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
etag: W/"38f3-49773873e8"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=25
date: Thu, 21 Nov 2024 10:58:55 GMT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-cloud-trace-context: 7095d9cfd6ee5b15b5685361efe488a1
cache-control: public,max-age=120
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
content-length: 5013
server: envoy

GET
H2 200 7b7d86e4-6a3764a7e99c0aa6.js Show response
runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/ 667 KB
291 KB 221ms
221ms Script
application/javascript 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/7b7d86e4-6a3764a7e99c0aa6.js
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: a7edf3de2717f3c09039247afcfb312e3845bec8edb15ebeb93e0162ce661f39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: public,max-age=120
content-encoding: gzip
etag: W/"a6c0f-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=22
date: Thu, 21 Nov 2024 10:58:55 GMT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
content-type: application/javascript; charset=UTF-8
server: envoy
x-cloud-trace-context: 5e57204e2f6f7fa603f2406387c3537d
vary: Accept-Encoding

GET
H2 200 f890ee9a-4fb877f74ce3228c.js Show response
runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/ 343 KB
76 KB 315ms
315ms Script
application/javascript 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/f890ee9a-4fb877f74ce3228c.js
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 3565ea0636a568bc198896f22d38d5691849cbdc7fc59564a5c8f7a8f6471908

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
etag: W/"55b66-49773873e8"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=24
date: Thu, 21 Nov 2024 10:58:55 GMT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-cloud-trace-context: 45dfe0957099e73efd6d2d01483245f4
cache-control: public,max-age=120
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
content-length: 77169
server: envoy

GET
H2 200 429-8d1b2ced91ad9df5.js Show response
runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/ 163 KB
53 KB 322ms
322ms Script
application/javascript 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/429-8d1b2ced91ad9df5.js
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 5cc72fec761b991554e1b93af0e145f4e36d0b41a079a078f4478c468ffdb518

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
etag: W/"28c4d-49773873e8"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=23
date: Thu, 21 Nov 2024 10:58:55 GMT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-cloud-trace-context: 53f64e4e820893d6e5d9419edd222477
cache-control: public,max-age=120
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
content-length: 53878
server: envoy

GET
H2 200 page-1dbd02d5ce7d68bd.js Show response
runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/app/ 47 KB
13 KB 359ms
358ms Script
application/javascript 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/app/page-1dbd02d5ce7d68bd.js
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 590cd2541535c88e9fea917836490bada077169c51de2eaffd421429a4e7a705

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
etag: W/"baab-49773873e8"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=34
date: Thu, 21 Nov 2024 10:58:55 GMT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-cloud-trace-context: ce2fe7522dcfdaf91824c78bc0eeba4f
cache-control: public,max-age=120
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
content-length: 13416
server: envoy

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 424 KB
135 KB 218ms
86ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QMYFZVFR26

Requested by

Host: x.la
URL: https://x.la/runescape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e53b6b510b9e957d616bf1e8381bcd961b44850c816febed33567bfa5106cb85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 21 Nov 2024 10:58:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 10:58:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 137687
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 327 KB
104 KB 86ms
85ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PK32LG2B

Requested by

Host: x.la
URL: https://x.la/runescape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1619aaf145bb0a4f2ba896cbba5291ce256aadae22fb17b62b232a88e1d2868e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 21 Nov 2024 10:58:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 10:58:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 21 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105974
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
analytics.google.com/g/ 0
0 208ms
67ms Fetch
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QMYFZVFR26&gtm=45je4bk0v9170309620za200&_p=1732186736097&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=331446657.1732186736&ecid=411250378&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_eu=Ag&_s=1&sid=1732186736&sct=1&seg=0&dl=https%3A%2F%2Fx.la%2Frunescape&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1464
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMYFZVFR26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://x.la
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 10:58:56 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
537 B 228ms
74ms Ping
text/plain 2a00:1450:400c:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QMYFZVFR26&cid=331446657.1732186736&gtm=45je4bk0v9170309620za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMYFZVFR26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://x.la
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 10:58:56 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame DAD3 0
0 205ms
73ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-QMYFZVFR26&gacid=331446657.1732186736&gtm=45je4bk0v9170309620za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=256721806

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMYFZVFR26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x.la/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 10:58:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 802.b3ccaca8a8b721b6.js Show response
runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/ 1 KB
786 B 202ms
201ms Script
application/javascript 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/802.b3ccaca8a8b721b6.js
Requested by: Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/webpack-04e0f0da70db0d6a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 52195f8d3a6f76bc741495685ec368bff231c0589907759684956d7ba9517a91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
etag: W/"49b-49773873e8"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=25
date: Thu, 21 Nov 2024 10:58:56 GMT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-cloud-trace-context: fcc2fcdc5740fe49fa014736eac009a1
cache-control: public,max-age=120
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
content-length: 682
server: envoy

POST
H2 204 collect
analytics.google.com/g/ 0
0 182ms
68ms Fetch
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QMYFZVFR26&gtm=45je4bk0v9170309620za200&_p=1732186736097&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=331446657.1732186736&ecid=411250378&ul=fi-fi&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pae=1&_eu=AAg&_s=2&sid=1732186736&sct=1&seg=0&dl=https%3A%2F%2Fx.la%2Frunescape&dt=&en=click_to_offer&_et=7&tfd=1492
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMYFZVFR26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://x.la
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 10:58:56 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
analytics.google.com/g/ 0
0 179ms
70ms Fetch
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QMYFZVFR26&gtm=45je4bk0v9170309620za200&_p=1732186736097&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=331446657.1732186736&ecid=411250378&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AkA&_s=3&sid=1732186736&sct=1&seg=0&dl=https%3A%2F%2Fx.la%2Frunescape&dt=&en=scroll&epn.percent_scrolled=90&_et=11&tfd=1498
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMYFZVFR26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://x.la
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 10:58:56 GMT
content-type: text/plain
server: Golfe2

OPTIONS
H2 200 consent
consent-api.xsolla.com/v2/ Frame 0
0 678ms
224ms Preflight 185.30.21.72
XSOLLA-AS Xsolla ...

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.xsolla.com/v2/consent

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.30.21.72 , United States, ASN60527 (XSOLLA-AS Xsolla (USA), Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://x.la
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: PUT,GET,OPTIONS
access-control-allow-origin: https://x.la
access-control-max-age: 43200
content-length: 0
date: Thu, 21 Nov 2024 10:58:56 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 top-bg-title.png
runescape--lfgapi.us-central1.hosted.app/ 268 KB
269 KB 197ms
197ms Image
image/png 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/top-bg-title.png
Requested by: Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 3c16c956eea12a6ef1fa447d0d2563b660d6ab0fee1f588251c58f53594e6aae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css

Response headers

cache-control: public,max-age=0
etag: W/"4311b-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=22
content-length: 274715
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: 6d939f7574dc79b8fe6208fc55e524d2
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/png

GET
H2 200 title-frame-tablet-desktop.webp
runescape--lfgapi.us-central1.hosted.app/ 10 KB
10 KB 239ms
239ms Image
image/webp 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/title-frame-tablet-desktop.webp
Requested by: Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 49a4fb4694e3228341ffa04da5eeca43cb5cec87bd30ff09c874b5e3900d620e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css

Response headers

cache-control: public,max-age=0
etag: W/"27c4-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=34
content-length: 10180
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: 163850b5e13ca83acde63a396a241709
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/webp

GET
H2 200 bottom-bg-title.png
runescape--lfgapi.us-central1.hosted.app/ 223 KB
223 KB 238ms
237ms Image
image/png 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/bottom-bg-title.png
Requested by: Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: b201ac10925415c2793efdb555c8f08fb10406cf7a703d08d7f8e153c1bfa635

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css

Response headers

cache-control: public,max-age=0
etag: W/"37b17-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=26
content-length: 228119
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: fdaa4f2259e35a2cc86d3efda5b70856
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/png

GET
H2 200 slide-1.webp
runescape--lfgapi.us-central1.hosted.app/ 167 KB
168 KB 220ms
220ms Image
image/webp 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/slide-1.webp
Requested by: Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: d5bc83dadd0ea345cb1501ec66bd52b7ecc697bd580b0e233becd6333921ca69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css

Response headers

cache-control: public,max-age=0
etag: W/"29d7e-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=27
content-length: 171390
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: e448f1d95a63e0a4349305867ed21e74
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/webp

GET
H2 200 slide-2.webp
runescape--lfgapi.us-central1.hosted.app/ 102 KB
102 KB 284ms
283ms Image
image/webp 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/slide-2.webp
Requested by: Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: efa5a1089a80954d1bf944349f0cd8d9a146c97344e616a9485a115638195fb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css

Response headers

cache-control: public,max-age=0
etag: W/"19944-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=26
content-length: 104772
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: 45fbe308858c1694c09b00cd7f755ff3
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/webp

GET
H2 200 slide-3.webp
runescape--lfgapi.us-central1.hosted.app/ 164 KB
165 KB 270ms
270ms Image
image/webp 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/slide-3.webp
Requested by: Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 4cb6fcf51ec3e71a629bc88d7c005bae1539d1203e6a9a6780bb8bfad39f59d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css

Response headers

cache-control: public,max-age=0
etag: W/"29172-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=31
content-length: 168306
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: d69b03cd897c9c20f7b88c441c6c120d
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/webp

GET
H2 200 slide-4.webp
runescape--lfgapi.us-central1.hosted.app/ 80 KB
80 KB 215ms
214ms Image
image/webp 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/slide-4.webp
Requested by: Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: c17ab6285d7fd3b42bb453fdb4b9d0e3434b9ce813e615bdfea333de432fdbaf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css

Response headers

cache-control: public,max-age=0
etag: W/"140fc-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=26
content-length: 82172
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: a0a42e76945e3cb6401afa22695253c9
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/webp

GET
H2 200 footer-desktop.png
runescape--lfgapi.us-central1.hosted.app/ 17 KB
17 KB 270ms
270ms Image
image/png 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/footer-desktop.png
Requested by: Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e18073a87f5ee9f8225762e5c608dd989259383d64ab6da5b0fc6a7ddd1a37e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css

Response headers

cache-control: public,max-age=0
etag: W/"4489-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=27
content-length: 17545
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: ad05a5cb34c59be5aa95f8fa6cdfa6dc
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/png

GET
H2 200 Graphik-Regular-Cy-Web.woff2
cdn.xsolla.net/ds-switch/fonts/GraphikLCWeb/ 42 KB
43 KB 240ms
75ms Font
application/octet-stream 23.214.117.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.xsolla.net/ds-switch/fonts/GraphikLCWeb/Graphik-Regular-Cy-Web.woff2

Requested by

Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.214.117.90 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-214-117-90.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0d35bfbbd1775816f1d672b2fb666f75089e96e71c5f60bc02f3fc1ee13d1a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://x.la
Referer: https://runescape--lfgapi.us-central1.hosted.app/

Response headers

strict-transport-security: max-age=63072000
cache-control: max-age=315360000, public
timing-allow-origin: *
etag: "626125fc-a9ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43501
date: Thu, 21 Nov 2024 10:58:56 GMT
content-type: application/octet-stream
last-modified: Thu, 21 Apr 2022 09:38:04 GMT
server: nginx

GET
H2 200 Graphik-Medium-Cy-Web.woff2
cdn.xsolla.net/ds-switch/fonts/GraphikLCWeb/ 46 KB
46 KB 327ms
163ms Font
application/octet-stream 23.214.117.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.xsolla.net/ds-switch/fonts/GraphikLCWeb/Graphik-Medium-Cy-Web.woff2

Requested by

Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/css/858e2309db923426.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.214.117.90 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-214-117-90.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

648531decf70e26981883e410c6880867080a48f6907fc258eb0d3af00e8b31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://x.la
Referer: https://runescape--lfgapi.us-central1.hosted.app/

Response headers

strict-transport-security: max-age=63072000
cache-control: max-age=315360000, public
timing-allow-origin: *
etag: "626125fc-b661"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 46689
date: Thu, 21 Nov 2024 10:58:56 GMT
content-type: application/octet-stream
last-modified: Thu, 21 Apr 2022 09:38:04 GMT
server: nginx

PUT
H2 200 consent Show response
consent-api.xsolla.com/v2/ 225 B
548 B 678ms
233ms XHR
application/json 185.30.21.72
XSOLLA-AS Xsolla ...

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.xsolla.com/v2/consent

Requested by

Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/f890ee9a-4fb877f74ce3228c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.30.21.72 , United States, ASN60527 (XSOLLA-AS Xsolla (USA), Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

bae8874d5c9e0f182764af7980b750139477a0d192cdc0bf0f7c1b6d599835d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://x.la/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-geoip-country: FI
access-control-allow-credentials: true
access-control-allow-origin: https://x.la
content-length: 225
date: Thu, 21 Nov 2024 10:58:57 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: nginx

POST
H3 200 collect
www.google.com/ccm/ 0
0 217ms
68ms Ping
text/plain 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fx.la%2Frunescape&scrsrc=www.googletagmanager.com&frm=0&rnd=991688103.1732186736&auid=1050738835.1732186736&npa=0&gtm=45He4bk0v9169976539za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732186736336&tfd=1566&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK32LG2B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

GET
H2 200 m105ylxklh Show response
www.clarity.ms/tag/ 689 B
1 KB 454ms
235ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/m105ylxklh?ref=gtm2
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 935844826b35053c6b5b3544d7d495fea867b00ef6339b1862b0d9f52880a128

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 689
date: Thu, 21 Nov 2024 10:58:56 GMT
content-type: application/x-javascript
x-azure-ref: 20241121T105856Z-16b7b566b7dbvt2phC1DUSc01c00000004pg00000000nfm9

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/xsolla/engage/scripts/ 158 KB
44 KB 195ms
57ms Script
application/javascript 151.101.0.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/xsolla/engage/scripts/evergage.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK32LG2B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.114 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 411699a1ca5ec5c7f1c2e1718f512efb4a3519cb64b55301c52f6b8d9d7eab7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
etag: "8705860bcfe1a351f0155297f681c053"
x-amz-version-id: 1.lBVFVfk..7Ues.mq5PGFfRRGD18FD7
age: 77
x-cache: HIT, HIT
date: Thu, 21 Nov 2024 10:58:56 GMT
last-modified: Tue, 19 Nov 2024 14:34:36 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kcgs7200175-IAD, cache-fra-etou8220056-FRA
x-cache-hits: 116642, 1
x-amz-id-2: fjM84jAfsPmxkVOOwo0Vtxe78GmHGfsdYyYF9GQ2FEPGub+5cVjh3SzTESLB3AJzHmGTInqSaX5Oql5+SLcXvw==
x-amz-meta-evergage-beacon-ver: 16
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=120
timing-allow-origin: *
x-amz-meta-evergage-sum: cf5f4c50218fe60febab0d1ce19ccdc466554c1b
x-timer: S1732186737.516496,VS0,VE1
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: BE7GFC46J60H0QS7
accept-ranges: bytes
content-length: 44414
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 122ms
59ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: x.la
URL: https://x.la/runescape

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-WTm7ITHg' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 10:58:56 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-WTm7ITHg' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4427, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: vFQYoWSWzgHhYNE9mSzH7YpiUwvaW/w5xtA2Im44pSWKDeiaxLkObU8BUHFUAb+ZpFswNsPQM6q7Wmf9e6oxVA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 xsolla-mall-light--vector.4310313a.svg
runescape--lfgapi.us-central1.hosted.app/_next/static/media/ 8 KB
3 KB 294ms
293ms Image
image/svg+xml 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/media/xsolla-mall-light--vector.4310313a.svg
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: db5c3854a9aa777f437d1af279ede18433e5bea753e52ac3b11606e2e6d66c58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
etag: W/"1e36-49773873e8"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=35
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: 3cfa79dd7e5873ebd644c3914dc7c4af
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=120
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
content-length: 3043
server: envoy

GET
H3 200 runescape-logo.ba484fd6.webp
runescape--lfgapi.us-central1.hosted.app/_next/static/media/ 14 KB
14 KB 227ms
227ms Image
image/webp 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/media/runescape-logo.ba484fd6.webp
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 76939b2a1070b55398e06518f1f5c24dc8f9d03fe9994f0195296601d35d7023

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: public,max-age=120
etag: W/"3728-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=25
content-length: 14120
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: 97dc42dcbe6710c1f0f541163568b577
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/webp

GET
H3 200 XollaStaff.e2b5ee03.png
runescape--lfgapi.us-central1.hosted.app/_next/static/media/ 33 KB
33 KB 278ms
277ms Image
image/png 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/media/XollaStaff.e2b5ee03.png
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: abffd24af933c5504aa025633aeec462992f5eedbd9f1aaa3f5610efc98217b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: public,max-age=120
etag: W/"8497-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=26
content-length: 33943
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: 231492a2b13489d5fab4d5dae7fa8885
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/png

GET
H3 200 XollaSword.8fb15c59.png
runescape--lfgapi.us-central1.hosted.app/_next/static/media/ 47 KB
47 KB 207ms
206ms Image
image/png 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/media/XollaSword.8fb15c59.png
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 3213ca8e3a6e2662b48efbe7b518c755511e9612919035d9a80b22e122f8cbea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: public,max-age=120
etag: W/"bd10-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=23
content-length: 48400
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: c184bf030026b1222c8ea3ff76080cb4
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/png

GET
H3 200 XollaChakram.21e38d39.png
runescape--lfgapi.us-central1.hosted.app/_next/static/media/ 152 KB
152 KB 313ms
312ms Image
image/png 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/media/XollaChakram.21e38d39.png
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: b7812095a734f8afcd09d9a8401dd4bec29f8cd926806028ac742a1887e2b8b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: public,max-age=120
etag: W/"26088-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=25
content-length: 155784
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: ca36c1df57fbf755ed097d19b929638e
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/png

GET
H3 200 about-game.0534fcb4.webp
runescape--lfgapi.us-central1.hosted.app/_next/static/media/ 81 KB
81 KB 293ms
292ms Image
image/webp 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/media/about-game.0534fcb4.webp
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 392985dd9169bcdf657950e18deca84d95ebb938916e39ba8e4e34074ec634da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: public,max-age=120
etag: W/"14492-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=32
content-length: 83090
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: c7638cb407692b508a69f900c0ea02ec
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/webp

GET
H3 200 footer-logo.29c86d7a.png
runescape--lfgapi.us-central1.hosted.app/_next/static/media/ 331 KB
331 KB 245ms
244ms Image
image/png 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/media/footer-logo.29c86d7a.png
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 0afb1de453d9ab0cb566d69e888a6e71e72c1bfa35e81096d7c3fb35eb26aadb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: public,max-age=120
etag: W/"52c19-49773873e8"
age: 0
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=25
content-length: 338969
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: 13fbe98aab2111c3899c06bc4f402de8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: envoy
content-type: image/png

GET
H3 200 age.8df31921.svg
runescape--lfgapi.us-central1.hosted.app/_next/static/media/ 5 KB
2 KB 207ms
206ms Image
image/svg+xml 35.219.200.17
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/media/age.8df31921.svg
Requested by: Host: x.la
URL: https://x.la/runescape
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.219.200.17 , United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 17.200.219.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 1e185347a37f42ac02388cbe4ea92c7b056ac783658bddbda7e40dcd0608d020

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
etag: W/"159f-49773873e8"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing: l2gfet4t7; dur=23
date: Thu, 21 Nov 2024 10:58:56 GMT
x-cloud-trace-context: 3ee7e96548181a56e8b7ce183c863cec
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=120
cdn-cache-status: revalidated
via: 1.1 google
accept-ranges: bytes
content-length: 2008
server: envoy

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 3424 0
0 180ms
61ms Document
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fx.la

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK32LG2B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 9946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 08:13:10 GMT
expires: Fri, 21 Nov 2025 08:13:10 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 500 /
x.la/ 2 KB
0 174ms
173ms Fetch
text/html 34.41.17.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://x.la/?_rsc=1778r

Requested by

Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/23-d806635937183afc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.41.17.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.17.41.34.bc.googleusercontent.com

Software

nginx / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

RSC: 1
Referer: https://x.la/runescape
Next-Url: /
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2C%22%2Frunescape%22%2C%22refresh%22%5D%7D%2Cnull%2Cnull%2Ctrue%5D

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
etag: "11znrdry0ij1mh"
date: Thu, 21 Nov 2024 10:58:56 GMT
content-type: text/html; charset=utf-8
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
server: nginx
x-powered-by: Next.js

GET
H3 200 957795706144387 Show response
connect.facebook.net/signals/config/ 68 KB
13 KB 61ms
61ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/957795706144387?v=2.9.176&r=stable&domain=x.la&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

75b5629cb7940d730c49d0344f514074ea35766bf63ce32b85475d9341e43463

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-0Ly837CW' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 10:58:56 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-0Ly837CW' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=77, mss=1232, tbw=70879, tp=67, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: RTCJAV68LrY59IZZplcXaXAbZ6cz+Grq6uOt48vRfeu+Q7b2BH3wRRmLTPlBZ8EyBUPz3iEC/J0bFO6fkpVTQQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
content-length: 13412
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 engage Show response
xsolla.us-6.evergage.com/api2/event/ 137 B
808 B 478ms
144ms XHR
application/json 34.196.24.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://xsolla.us-6.evergage.com/api2/event/engage?event=eyJzb3VyY2UiOnsicGFnZVR5cGUiOiJkZWZhdWx0IiwidXJsIjoiaHR0cHM6Ly94LmxhL3J1bmVzY2FwZSIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiMTA3IiwiY29udGVudFpvbmVzIjpbXX0sInVzZXIiOnsiYW5vbnltb3VzSWQiOiI3M2VhZmU4M2EzNGUzNGZlIiwiYXR0cmlidXRlcyI6e30sImlkZW50aXRpZXMiOnt9fSwiaW50ZXJhY3Rpb24iOnsibmFtZSI6IkRlZmF1bHQgUGFnZSJ9LCJwYWdlVmlldyI6dHJ1ZSwiY29uc2VudHMiOltdLCJhY2NvdW50Ijp7fSwiX3Rvb2xzRXZlbnRMaW5rSWQiOiIzOTgxNDgzOTAxMzQ0MzY5IiwiZXhwbGFpbiI6dHJ1ZX0%3D

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/xsolla/engage/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.24.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-24-78.compute-1.amazonaws.com

Software

Resource Hash

fc9f1e102e7b765827a1cd0d187302a8c8c1d530b7af8a5dfaa9efe5b0cbc87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://x.la/

Response headers

cache-control: no-cache, no-store
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://x.la
date: Thu, 21 Nov 2024 10:58:57 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding

OPTIONS hit
datagather.xsolla.com/ Frame 0
0

GET
DATA 200
OK truncated
/ 45 KB
45 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c46b0bb11f1f31dbe3a4d9a34f6466a7b6a6086c0367f36e3b20ed715e761190

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://x.la
Referer

Response headers

Content-Type: font/woff2

POST hit
datagather.xsolla.com/ 0
0

GET
H2 200 /
id.xsolla.com/ Frame D7FD 0
0 189ms
95ms Document
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://id.xsolla.com/?locale=en-US&position=top-right&enabledOrbs=%5B%5D&loginProjectId=dcc83710-3bdd-4808-a6fd-e75f99f509fc&trackId=173218673666181MzcuMzY%3D&isMobile=false&theme=theme-dark

Requested by

Host: runescape--lfgapi.us-central1.hosted.app
URL: https://runescape--lfgapi.us-central1.hosted.app/_next/static/chunks/fd9d1056-56801f1d15ced78a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://x.la/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: public, max-age=3600, s-max-age=31536000
content-encoding: br
content-length: 294
content-type: text/html; charset=utf-8
date: Thu, 21 Nov 2024 10:58:57 GMT
etag: "5287698efd8f6f0d5c979a528dfd8fa7057d124a48000fabbdd6ee93e70cd21f-br"
last-modified: Fri, 01 Nov 2024 09:56:16 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hel1410027-HEL
x-timer: S1732186737.105489,VS0,VE64

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 115ms
55ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=957795706144387&ev=PageView&dl=https%3A%2F%2Fx.la%2Frunescape&rl=&if=false&ts=1732186737049&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732186737048.470512092249416919&ler=empty&cdl=API_unavailable&it=1732186736611&coo=false&rqm=GET

Requested by

Host: x.la
URL: https://x.la/runescape

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4472, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 21 Nov 2024 10:58:57 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 285ms
225ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=957795706144387&ev=PageView&dl=https%3A%2F%2Fx.la%2Frunescape&rl=&if=false&ts=1732186737049&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732186737048.470512092249416919&ler=empty&cdl=API_unavailable&it=1732186736611&coo=false&rqm=FGET

Requested by

Host: x.la
URL: https://x.la/runescape

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439685387422122016"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 10:58:57 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: XKaUIemVOAmh5MAw/0wdoBFgBPnBYxKUPG40y5IOLz5bRGZKztVGYE7EKHpoBhPtsY9MlSsx0RBOG2/mipIB9w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439685387422122016", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4840, tp=13, tpl=0, uplat=169, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.56/ 66 KB
28 KB 128ms
127ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.56/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/m105ylxklh?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

x-azure-ref: 20241121T105857Z-16b7b566b7dbvt2phC1DUSc01c00000004pg00000000nfps
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: b780f120-501e-0064-64da-3adf43000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Thu, 21 Nov 2024 10:58:57 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 19:41:29 GMT

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
268 B 837ms
289ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://x.la/

Response headers

Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin: https://x.la
Date: Thu, 21 Nov 2024 10:58:58 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=875F5118BEE846EDBE1A2F68967C67BE&RedC=c.clarity.ms&MXFR=21ED6A98B01868D13D1C7FA6B4186652
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=875F5118BEE846EDBE1A2F68967C67BE&MUID=309F50121F7E6AAC2F7F452C1EAC6BA6

42 B
443 B

70ms
70ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=875F5118BEE846EDBE1A2F68967C67BE&MUID=309F50121F7E6AAC2F7F452C1EAC6BA6
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "b116c54f951fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Thu, 21 Nov 2024 10:58:57 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 06:33:28 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=875F5118BEE846EDBE1A2F68967C67BE&MUID=309F50121F7E6AAC2F7F452C1EAC6BA6
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C75DA25EAAAC4C7D933B977F605CF59A Ref B: FRAEDGE1222 Ref C: 2024-11-21T10:58:57Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Thu, 21 Nov 2024 10:58:57 GMT
x-powered-by: ASP.NET

GET
H2 200 favicon.ico
x.la/ 15 KB
2 KB 166ms
166ms Other
image/x-icon 34.41.17.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://x.la/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.41.17.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.17.41.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

dfad18350537b06961a29b8b4b2081fd6c4aabe6720f93b1641adeccb852373a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/runescape

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
x-nextjs-cache: HIT
date: Thu, 21 Nov 2024 10:58:57 GMT
content-type: image/x-icon
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
server: nginx

POST
H2 204 pr
xsolla.us-6.evergage.com/ 0
530 B 137ms
136ms Ping
text/plain 34.196.24.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://xsolla.us-6.evergage.com/pr?.top=488&action=Default%20Page&.tt=481&.ttdns=64&.dt=1198&.lt=2609&.btdns=22&.bv=16&_ak=xsolla&_ds=engage&.scv=107&channel=Web&_r=663720&.anonId=73eafe83a34e34fe&_anon=true

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/xsolla/engage/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.24.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-24-78.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://x.la/

Response headers

access-control-allow-origin: https://x.la
timing-allow-origin: *
date: Thu, 21 Nov 2024 10:58:57 GMT
x-content-type-options: nosniff

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
268 B 138ms
136ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://x.la/

Response headers

Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin: https://x.la
Date: Thu, 21 Nov 2024 10:58:58 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 204 collect
analytics.google.com/g/ 0
0 73ms
71ms Fetch
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QMYFZVFR26&gtm=45je4bk0v9170309620za200&_p=1732186736097&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=331446657.1732186736&ecid=411250378&ul=fi-fi&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pae=1&_eu=AAg&_s=4&sid=1732186736&sct=1&seg=0&dl=https%3A%2F%2Fx.la%2Frunescape&dt=&en=click_to_offer&epn.percent_scrolled=90&_et=2&tfd=6499
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMYFZVFR26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://x.la/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://x.la
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 10:59:01 GMT
content-type: text/plain
server: Golfe2

POST collect
s.clarity.ms/ 0
0

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
268 B 823ms
279ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://x.la/

Response headers

Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin: https://x.la
Date: Thu, 21 Nov 2024 10:59:02 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: datagather.xsolla.com
URL: https://datagather.xsolla.com/hit

Domain: datagather.xsolla.com
URL: https://datagather.xsolla.com/hit

Domain: s.clarity.ms
URL: https://s.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mindmup.github.io/3rdpartycookiecheck	1970-01-21 01:09:50	Name: thirdparty Value: yes
x.la/	1970-01-21 01:09:47	Name: sb_disable_locale_detect Value: true
.x.la/	1970-01-21 10:45:46	Name: _ga Value: GA1.1.331446657.1732186736
.x.la/	1970-01-21 10:45:46	Name: _ga_QMYFZVFR26 Value: GS1.1.1732186736.1.0.1732186736.60.0.411250378
.x.la/	1970-01-21 03:19:22	Name: _gcl_au Value: 1.1.1050738835.1732186736
.doubleclick.net/	1970-01-21 01:09:47	Name: test_cookie Value: CheckForPermission
www.clarity.ms/	1970-01-21 09:55:22	Name: CLID Value: 32d9407351334f6c98aed1f1a094855b.20241121.20251121
.x.la/	1970-01-21 10:45:46	Name: _mm_uid_2002 Value: 1732186737265320950
.x.la/	1970-01-21 01:09:48	Name: _mm_vid_2002 Value: 17321867371035946823
x.la/	1970-01-21 10:45:46	Name: _evga_ea33 Value: {%22uuid%22:%2273eafe83a34e34fe%22}
.x.la/	1970-01-21 10:45:46	Name: _sfid_294e Value: {%22anonymousId%22:%2273eafe83a34e34fe%22%2C%22consents%22:[]}
.x.la/	1970-01-21 03:19:22	Name: _fbp Value: fb.1.1732186737048.470512092249416919
.x.la/	1970-01-21 09:55:22	Name: _clck Value: 1mbisi0%7C2%7Cfr2%7C0%7C1786
xsolla.us-6.evergage.com/	1970-01-21 01:19:51	Name: AWSALBTGCORS Value: 8As6gtIsSw38c8z+2qjytoLyuUnrue7UlVFsILYDblBlTK3XoY/UIohRT0H7xkZrIr2C868pcZByMtVI0SDH0lu/Px/JuQ5Q+PuZqjOtHT3Z538q6mPQcrz+Urfk/O1TzpASU9PJIVUcLxxLuuCCoX9QLDw90DTyfPXILhloC4GdDxaDvBo=
.xsolla.com/	1970-01-21 10:45:46	Name: xsollauid Value: 364773480907931662
.bing.com/	1970-01-21 10:31:22	Name: MUID Value: 309F50121F7E6AAC2F7F452C1EAC6BA6
.c.bing.com/	1970-01-21 01:19:51	Name: MR Value: 0
.c.bing.com/	1970-01-21 10:31:22	Name: SRM_B Value: 309F50121F7E6AAC2F7F452C1EAC6BA6
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:31:22	Name: MUID Value: 309F50121F7E6AAC2F7F452C1EAC6BA6
.c.clarity.ms/	1970-01-21 01:19:51	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 01:09:47	Name: ANONCHK Value: 0
.x.la/	1970-01-21 01:11:13	Name: _clsk Value: 13lhxbx%7C1732186738160%7C1%7C1%7Cs.clarity.ms%2Fcollect
.xsolla.com/	1970-01-21 10:45:46	Name: consent_id Value: bc617bd2-f89b-4210-8d6a-ad80d2549b7b

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://x.la/?_rsc=1778r Message: Failed to load resource: the server responded with a status of 500 ()
javascript	error	URL: https://x.la/runescape Message: Access to XMLHttpRequest at 'https://datagather.xsolla.com/hit' from origin 'https://x.la' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
network	error	URL: https://datagather.xsolla.com/hit Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
c.bing.com
c.clarity.ms
cdn.evgnet.com
cdn.xsolla.net
connect.facebook.net
consent-api.xsolla.com
datagather.xsolla.com
id.xsolla.com
runescape--lfgapi.us-central1.hosted.app
s.clarity.ms
stats.g.doubleclick.net
td.doubleclick.net
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
x.la
xsolla.us-6.evergage.com
datagather.xsolla.com
s.clarity.ms
13.74.129.1
142.250.185.228
151.101.0.114
157.240.253.1
157.240.253.35
185.30.21.72
23.214.117.90
23.96.124.68
2620:0:890::100
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:827::200e
2a00:1450:400c:c1d::9a
34.196.24.78
34.41.17.27
35.219.200.17
0afb1de453d9ab0cb566d69e888a6e71e72c1bfa35e81096d7c3fb35eb26aadb
0d35bfbbd1775816f1d672b2fb666f75089e96e71c5f60bc02f3fc1ee13d1a47
1619aaf145bb0a4f2ba896cbba5291ce256aadae22fb17b62b232a88e1d2868e
1e185347a37f42ac02388cbe4ea92c7b056ac783658bddbda7e40dcd0608d020
3213ca8e3a6e2662b48efbe7b518c755511e9612919035d9a80b22e122f8cbea
3565ea0636a568bc198896f22d38d5691849cbdc7fc59564a5c8f7a8f6471908
392985dd9169bcdf657950e18deca84d95ebb938916e39ba8e4e34074ec634da
3c16c956eea12a6ef1fa447d0d2563b660d6ab0fee1f588251c58f53594e6aae
411699a1ca5ec5c7f1c2e1718f512efb4a3519cb64b55301c52f6b8d9d7eab7a
42be29f0ad704383fd2d01660718d50974ea41db62f6ef49f3be73ef363ee4ee
433d1cc1d2d3382200a71f771aa921cc4a3e90294e56cdeda72776a023fc013d
451677e8d3a09f1487633de87e119b48fd02a5fc9ea05c62c585cf607526c280
49a4fb4694e3228341ffa04da5eeca43cb5cec87bd30ff09c874b5e3900d620e
4cb6fcf51ec3e71a629bc88d7c005bae1539d1203e6a9a6780bb8bfad39f59d3
52195f8d3a6f76bc741495685ec368bff231c0589907759684956d7ba9517a91
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
590cd2541535c88e9fea917836490bada077169c51de2eaffd421429a4e7a705
5cc72fec761b991554e1b93af0e145f4e36d0b41a079a078f4478c468ffdb518
648531decf70e26981883e410c6880867080a48f6907fc258eb0d3af00e8b31a
65cb8dd1d576d1801ce0c4131a0c43aa3b056edc79e24441dceff367f98e8657
71ed963804cbd4b773b16a2e290fb534288140999cca4833a8ff300a9d72a9b1
75b5629cb7940d730c49d0344f514074ea35766bf63ce32b85475d9341e43463
76939b2a1070b55398e06518f1f5c24dc8f9d03fe9994f0195296601d35d7023
8c342ff6e24dc92f745c135dc9948b56767c734045a048bfae15bf9128442efe
935844826b35053c6b5b3544d7d495fea867b00ef6339b1862b0d9f52880a128
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a23c0cbe51c2f241c09ea3f481a31b158e0355e467178f3eda837ec1ca8fc652
a7edf3de2717f3c09039247afcfb312e3845bec8edb15ebeb93e0162ce661f39
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abffd24af933c5504aa025633aeec462992f5eedbd9f1aaa3f5610efc98217b0
b201ac10925415c2793efdb555c8f08fb10406cf7a703d08d7f8e153c1bfa635
b7812095a734f8afcd09d9a8401dd4bec29f8cd926806028ac742a1887e2b8b3
bae8874d5c9e0f182764af7980b750139477a0d192cdc0bf0f7c1b6d599835d3
c17ab6285d7fd3b42bb453fdb4b9d0e3434b9ce813e615bdfea333de432fdbaf
c46b0bb11f1f31dbe3a4d9a34f6466a7b6a6086c0367f36e3b20ed715e761190
d5bc83dadd0ea345cb1501ec66bd52b7ecc697bd580b0e233becd6333921ca69
db5c3854a9aa777f437d1af279ede18433e5bea753e52ac3b11606e2e6d66c58
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
dfad18350537b06961a29b8b4b2081fd6c4aabe6720f93b1641adeccb852373a
e18073a87f5ee9f8225762e5c608dd989259383d64ab6da5b0fc6a7ddd1a37e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53b6b510b9e957d616bf1e8381bcd961b44850c816febed33567bfa5106cb85
efa5a1089a80954d1bf944349f0cd8d9a146c97344e616a9485a115638195fb5
fb9398a4e1559aca8494e6492f4ddf950276c3b48dcfe128d7df172fdb98452a
fc9f1e102e7b765827a1cd0d187302a8c8c1d530b7af8a5dfaa9efe5b0cbc87b
fdfe4043e074cb26be38b6fb9be59b981a507e99406201bb5ff0cdb9906eb390

x.la Open in urlscan Pro 34.41.17.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

94 %HTTPS

39 %IPv6

13 Domains

19 Subdomains

18 IPs

5 Countries

2777 kBTransfer

4779 kBSize

24 Cookies

3 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

x.la Open in urlscan Pro
34.41.17.27 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

94 %
HTTPS

39 %
IPv6

13
Domains

19
Subdomains

18
IPs

5
Countries

2777 kB
Transfer

4779 kB
Size

24
Cookies

63 HTTP transactions
1 data transactions