urlscan.io logo urlscan.io
SecurityTrails logo

lps.plarium.com Open in urlscan Pro
2606:4700::6812:efd  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://notube.net/p/
Effective URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=8...
Submission: On November 12 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 6 countries across 18 domains to perform 112 HTTP transactions. The main IP is 2606:4700::6812:efd, located in United States and belongs to CLOUDFLARENET, US. The main domain is lps.plarium.com. The Cisco Umbrella rank of the primary domain is 344145.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 20th 2024. Valid for: a year.
This is the only time lps.plarium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:21:... 13335 (CLOUDFLAR...)
2 13 104.18.23.222 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
26 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 13.32.121.42 16509 (AMAZON-02)
16 2600:1901:0:7... 396982 (GOOGLE-CL...)
1 172.64.152.14 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:33::10 8075 (MICROSOFT...)
6 2a03:2880:f08... 32934 (FACEBOOK)
2 151.101.65.44 54113 (FASTLY)
3 184.28.89.148 16625 (AKAMAI-AS)
4 34.31.194.150 396982 (GOOGLE-CL...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 70.42.32.223 22075 (AS-OUTBRAIN)
1 151.101.129.44 54113 (FASTLY)
1 142.250.184.194 15169 (GOOGLE)
10 2a03:2880:f17... 32934 (FACEBOOK)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 34.49.241.189 396982 (GOOGLE-CL...)
4 141.226.228.48 200478 (TABOOLA-AS)
112 27
1    2606:4700:21::681b:cd57 (United States)

ASN13335 (CLOUDFLARENET, US)
notube.net
13    104.18.23.222 (None, )

ASN13335 (CLOUDFLARENET, US)
goobakocaup.com
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
my.rtmark.net
26    2606:4700::6812:efd (United States)

ASN13335 (CLOUDFLARENET, US)
lps.plarium.com
landings-frontend.plarium.com
1    2606:4700::6812:4239 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.optimizely.com
2    13.32.121.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-42.fra60.r.cloudfront.net
datadome.plarium.com
16    2600:1901:0:75c:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
cdn-gpd.x-plarium.com
1    172.64.152.14 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn3.optimizely.com
5    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:4139 (United States)

ASN13335 (CLOUDFLARENET, US)
a26310650654.cdn.optimizely.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
6    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
3    184.28.89.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-89-148.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
4    34.31.194.150 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.194.31.34.bc.googleusercontent.com
collector.plarium.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
psb.taboola.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
10    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.net
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com
logx.optimizely.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
32 plarium.com
lps.plarium.com — Cisco Umbrella Rank: 344145
datadome.plarium.com — Cisco Umbrella Rank: 276908
landings-frontend.plarium.com — Cisco Umbrella Rank: 458540
collector.plarium.com — Cisco Umbrella Rank: 237504
687 KB
16 x-plarium.com
cdn-gpd.x-plarium.com — Cisco Umbrella Rank: 167848
2 MB
13 goobakocaup.com
goobakocaup.com
33 KB
10 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
1003 B
7 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 862
psb.taboola.com — Cisco Umbrella Rank: 5951
trc.taboola.com — Cisco Umbrella Rank: 686
trc-events.taboola.com — Cisco Umbrella Rank: 2720
24 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
87 KB
5 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3182
wave.outbrain.com — Cisco Umbrella Rank: 3153
tr.outbrain.com — Cisco Umbrella Rank: 3133
12 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
451 KB
5 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 971
cdn3.optimizely.com — Cisco Umbrella Rank: 4525
a26310650654.cdn.optimizely.com — Cisco Umbrella Rank: 455567
logx.optimizely.com — Cisco Umbrella Rank: 1669
87 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4401
635 B
2 bing.net
bat.bing.net — Cisco Umbrella Rank: 20475
463 B
2 google.de
www.google.de — Cisco Umbrella Rank: 11271
127 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
578 B
2 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
15 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
2 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10912
2 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 89
3 KB
1 notube.net
notube.net — Cisco Umbrella Rank: 691049
3 KB
112 18
Domain Requested by
23 landings-frontend.plarium.com lps.plarium.com
landings-frontend.plarium.com
16 cdn-gpd.x-plarium.com lps.plarium.com
landings-frontend.plarium.com
13 goobakocaup.com 2 redirects goobakocaup.com
10 www.facebook.com lps.plarium.com
6 connect.facebook.net goobakocaup.com
connect.facebook.net
5 www.googletagmanager.com lps.plarium.com
www.googletagmanager.com
4 trc-events.taboola.com cdn.taboola.com
4 collector.plarium.com datadome.plarium.com
3 lps.plarium.com lps.plarium.com
datadome.plarium.com
2 logx.optimizely.com cdn.optimizely.com
2 bat.bing.net bat.bing.com
lps.plarium.com
2 tr.outbrain.com datadome.plarium.com
amplify.outbrain.com
2 www.google.de lps.plarium.com
2 region1.analytics.google.com datadome.plarium.com
2 amplify.outbrain.com goobakocaup.com
datadome.plarium.com
2 bat.bing.com www.googletagmanager.com
bat.bing.com
2 www.google.com 1 redirects www.googletagmanager.com
2 gum.criteo.com 1 redirects lps.plarium.com
2 datadome.plarium.com lps.plarium.com
datadome.plarium.com
2 my.rtmark.net goobakocaup.com
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 trc.taboola.com cdn.taboola.com
1 psb.taboola.com datadome.plarium.com
1 wave.outbrain.com amplify.outbrain.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 cdn.taboola.com goobakocaup.com
1 a26310650654.cdn.optimizely.com cdn.optimizely.com
1 cdn3.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com lps.plarium.com
1 notube.net 1 redirects
112 31

This site contains links to these domains. Also see Links.

Domain
plarium-mobile-support.zendesk.com
company.plarium.com
plarium.com
Subject Issuer Validity Valid
goobakocaup.com
WE1		 2024-10-23 -
2025-01-21		 3 months crt.sh
my.rtmark.net
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh
*.plarium.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-20 -
2025-04-06		 a year crt.sh
cdn.optimizely.com
WE1		 2024-10-21 -
2025-01-19		 3 months crt.sh
datadome.plarium.com
E5		 2024-09-07 -
2024-12-06		 3 months crt.sh
*.x-plarium.com
Go Daddy Secure Certificate Authority - G2		 2024-09-02 -
2025-10-04		 a year crt.sh
cdn3.optimizely.com
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-21 -
2024-11-19		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.de
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.googleadservices.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
bat.bing.net
Microsoft Azure RSA TLS Issuing CA 07		 2024-10-27 -
2025-04-25		 6 months crt.sh
logx.optimizely.com
WR3		 2024-09-16 -
2024-12-15		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Frame ID: 3817A029B87FA21669E0774E6F13906C
Requests: 105 HTTP requests in this frame

Frame: https://a26310650654.cdn.optimizely.com/client_storage/a26310650654.html
Frame ID: 43065074FF95D2829D030CF9204DA639
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Flps.plarium.com
Frame ID: C05B091FCFD9A7513900B244A8F62439
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RAID: Shadow Legends

Page URL History Show full URLs

  1. https://notube.net/p/ HTTP 302
    https://goobakocaup.com/4/4113315 Page URL
  2. https://goobakocaup.com/?z=4113315&syncedCookie=true&rhd=false HTTP 302
    https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x Page URL
  3. https://goobakocaup.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
    https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Page Statistics

112
Requests

97 %
HTTPS

61 %
IPv6

18
Domains

31
Subdomains

27
IPs

6
Countries

3956 kB
Transfer

8261 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://notube.net/p/ HTTP 302
    https://goobakocaup.com/4/4113315 Page URL
  2. https://goobakocaup.com/?z=4113315&syncedCookie=true&rhd=false HTTP 302
    https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x Page URL
  3. https://goobakocaup.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
    https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://notube.net/p/ HTTP 302
  • https://goobakocaup.com/4/4113315
Request Chain 6
  • https://goobakocaup.com/?z=4113315&syncedCookie=true&rhd=false HTTP 302
  • https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
Request Chain 48
  • https://gum.criteo.com/sync?a=1&r=2&c=421&j=handleCriteoCookie HTTP 302
  • https://gum.criteo.com/sync?s=1&a=1&r=2&c=421&j=handleCriteoCookie
Request Chain 97
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11039079270/?random=111717026&cv=11&fst=1731401388583&bg=ffffff&guid=ON&async=1&gtm=45be4b70z879175763za201zb79175763&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&label=5fcsCOHQvI8ZEOb2648p&hn=www.googleadservices.com&frm=0&tiba=RAID%3A%20Shadow%20Legends&value=0&npa=1&pscdl=noapi&auid=1249539189.1731401388&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=m&fdr=CA&capi=1&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQII08WxAkondHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZSwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&eitems=ChAIgJbMuQYQtYvypYbE3McfEh0AEe5uBDJAEdXEJCeU_Nxm0urieXwL3S-puyr7xA&pscrd=IhMItMjw5bTWiQMV2ukRCB2JYCRuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL2xwcy5wbGFyaXVtLmNvbS9CV0NoQUlnSmJNdVFZUXVNYThxSkxRenUwNkVpMEE1OXVXdFVXbk5KMVdSU2I0N1BTV25FMHhtMlZka0FNbDJ0ZXVJcGl5eXZUSVpxdXdsQlBxS0l0WjJrZw HTTP 302
  • https://www.google.com/pagead/1p-conversion/11039079270/?random=111717026&cv=11&fst=1731401388583&bg=ffffff&guid=ON&async=1&gtm=45be4b70z879175763za201zb79175763&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&label=5fcsCOHQvI8ZEOb2648p&hn=www.googleadservices.com&frm=0&tiba=RAID%3A%20Shadow%20Legends&value=0&npa=1&pscdl=noapi&auid=1249539189.1731401388&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=m&fdr=CA&capi=1&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQII08WxAkondHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZSwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMItMjw5bTWiQMV2ukRCB2JYCRuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL2xwcy5wbGFyaXVtLmNvbS9CV0NoQUlnSmJNdVFZUXVNYThxSkxRenUwNkVpMEE1OXVXdFVXbk5KMVdSU2I0N1BTV25FMHhtMlZka0FNbDJ0ZXVJcGl5eXZUSVpxdXdsQlBxS0l0WjJrZw&is_vtc=1&cid=CAQSGwCa7L7dBYi_BSTfvMJvRbS8sScAIUSsvqDIwA&eitems=ChAIgJbMuQYQtYvypYbE3McfEh0AEe5uBFwtveqN--U3PNNEITaJxKqXEK_XVBdwIg&random=1570730180 HTTP 302
  • https://www.google.de/pagead/1p-conversion/11039079270/?random=111717026&cv=11&fst=1731401388583&bg=ffffff&guid=ON&async=1&gtm=45be4b70z879175763za201zb79175763&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&label=5fcsCOHQvI8ZEOb2648p&hn=www.googleadservices.com&frm=0&tiba=RAID%3A%20Shadow%20Legends&value=0&npa=1&pscdl=noapi&auid=1249539189.1731401388&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=m&fdr=CA&capi=1&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQII08WxAkondHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZSwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMItMjw5bTWiQMV2ukRCB2JYCRuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL2xwcy5wbGFyaXVtLmNvbS9CV0NoQUlnSmJNdVFZUXVNYThxSkxRenUwNkVpMEE1OXVXdFVXbk5KMVdSU2I0N1BTV25FMHhtMlZka0FNbDJ0ZXVJcGl5eXZUSVpxdXdsQlBxS0l0WjJrZw&is_vtc=1&cid=CAQSGwCa7L7dBYi_BSTfvMJvRbS8sScAIUSsvqDIwA&eitems=ChAIgJbMuQYQtYvypYbE3McfEh0AEe5uBFwtveqN--U3PNNEITaJxKqXEK_XVBdwIg&random=1570730180&ipr=y

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
4113315
goobakocaup.com/4/
Redirect Chain
  • https://notube.net/p/
  • https://goobakocaup.com/4/4113315
31 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/4/4113315
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ee1e34bf884d4006850b4a33ec0847a5c080ce0039724a628a1c05f0c369852
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e154549cb604da4-FRA
content-encoding
gzip
content-type
text/html; charset=utf8
date
Tue, 12 Nov 2024 08:49:46 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
cbb5ee1b0c9d4a2df6fb2ced3f24a878

Redirect headers

age
1545
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=7200
cf-cache-status
HIT
cf-ray
8e154549687d36dc-FRA
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none'
content-type
text/html; charset=UTF-8
date
Tue, 12 Nov 2024 08:49:46 GMT
location
https://goobakocaup.com/4/4113315
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5aHCaDNnaHDPPxzvoMSdbs6%2BEOi9HbJ7y6rdtqDUGLx5EKNHaRr25Imgvew%2FKadUDI%2FvwBg4NSjR2sPdIxR83ea88SNT16ksnNGOJhu889Ycs9YN7ogBwoTFcCA7RUvnH8rI0oTv8jQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=6568&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4335&recv_bytes=4441&delivery_rate=86109&cwnd=12000&unsent_bytes=0&cid=405ee84e91092314&ts=31&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff nosniff nosniff nosniff nosniff nosniff nosniff nosniff nosniff nosniff nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block
img.gif
my.rtmark.net/ 		43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008112c8c1ea4979f8fc25469e9848ea&z=4113315&p_rid=28318098-2b5b-425d-9696-853feabc7686&p_src=sf
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/4113315
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h4N5adj4fepV53ptokO73iZSV6CjLSsa51ws9f90LHnek9I0eVoRZYk%2FdN4CYkm3lThY%2Fu7XKghIu4%2BFn1oVTPzTEcze%2FhLAPSSEp%2FJFhE0kAZQYlPtDBmiQRgfLs4q8%2BzC3oMolt8C67ogv"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6326&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4118&recv_bytes=4427&delivery_rate=94725&cwnd=12000&unsent_bytes=0&cid=06feeac3b68547f2&ts=30&x=1", cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 08:49:46 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e15454a5d9a9742-FRA
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
goobakocaup.com/ 		43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goobakocaup.com/sftouch?userId=008112c8c1ea4979f8fc25469e9848ea&z=4113315&p_rid=28318098-2b5b-425d-9696-853feabc7686&p_src=sf&branchId=0&rb=tEjJ74QeJn2UydC9hiIg9XhP1M7jldiFMUxH9_xfZZtxfLwws9WcEwst9rnXRd9oJSAUr_XrTuudODcBT-up-F0oWAVMcq6U1fn0nNMX2B-kGFCp_yaB66_6hI4TbhnmtAawkCxz2Ns3sMJF1I1A9mM-LNkWrAUGsEcy8YKon8Z5P-wJ-Xi-Ig1dnWrEaA-TXiMyXHBPP7Ku7ymwGN7YNeblu_om5f-X2z3ItVcDKCTZDYkCz_grJfNZaDPFOZupqA43kCbs-dSByBGmvxfB2lOVBrPr0DYQHIMR42SDf6hQjUWQ-G4wJPramXI=&w_img=1
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/4113315
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/4/4113315

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:46 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
fe64f8781f02761a1d10b23ce5eab12f
cf-ray
8e15454a3bca4da4-FRA
access-control-allow-origin
*
content-length
43
server
cloudflare
add
goobakocaup.com/log/ 		12 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=28318098-2b5b-425d-9696-853feabc7686
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/4113315
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://goobakocaup.com/4/4113315

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
cf-ray
8e15454a7ff79b80-FRA
access-control-allow-origin
https://goobakocaup.com
alt-svc
h3=":443"; ma=86400
content-length
12
date
Tue, 12 Nov 2024 08:49:46 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
goobakocaup.com/async_log/ 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=28318098-2b5b-425d-9696-853feabc7686
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/4113315
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://goobakocaup.com/4/4113315

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8e15454a7ff89b80-FRA
access-control-allow-origin
https://goobakocaup.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 08:49:46 GMT
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
goobakocaup.com/ 		0
182 B 		Other
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/4/4113315

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
513627
cf-ray
8e15454a88069b80-FRA
expires
Fri, 10 Nov 2034 08:49:46 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:46 GMT
vary
Accept-Encoding
server
cloudflare
6118780
goobakocaup.com/4/
Redirect Chain
  • https://goobakocaup.com/?z=4113315&syncedCookie=true&rhd=false
  • https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
31 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
033d3b7da96afd598d27d44837967c1f0b1a207d2fad62ecf3d029088c24882f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://goobakocaup.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e15454af85e9b80-FRA
content-encoding
gzip
content-type
text/html; charset=utf8
date
Tue, 12 Nov 2024 08:49:46 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
671e0bb69bb3fac4fcd9d34b7af6c341

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://goobakocaup.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e15454ac8359b80-FRA
content-length
0
date
Tue, 12 Nov 2024 08:49:46 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://goobakocaup.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
297f9bbccccd7c20239e832635d8efe4
img.gif
my.rtmark.net/ 		43 B
825 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008112c8c1ea4979f8fc25469e9848ea&z=6118780&p_rid=3630cb10-4036-42b4-99c1-c8590688ddeb&p_src=sf
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XbrXjH05MgJ86uG1ZUeoDh0IQSKYPb9HccZHn4LEYR3nVh1n%2B8Ve5ESbwHqfh%2F5K9nmUJ80V%2BgCNf%2FnT5J%2FkEtyqpvbXCunz2UBS8NhUf9hl9c6XuAJBuA96nerH6H57Qs3Gva9d7cq6ZocJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6387&sent=13&recv=11&lost=0&retrans=0&sent_bytes=5005&recv_bytes=4895&delivery_rate=48592&cwnd=12000&unsent_bytes=0&cid=06feeac3b68547f2&ts=187&x=1", cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 08:49:46 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e15454b5e889742-FRA
access-control-allow-origin
https://goobakocaup.com
content-length
43
server
cloudflare
sftouch
goobakocaup.com/ 		43 B
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goobakocaup.com/sftouch?userId=008112c8c1ea4979f8fc25469e9848ea&z=6118780&p_rid=3630cb10-4036-42b4-99c1-c8590688ddeb&p_src=sf&branchId=0&rb=F9-VbFqhdPg5tVX5jPngU7ayUembOeyNpdxHT06IDk74_t6JzPX1D6cfZZcWM4tGlMRIVOkks6H4PaXQT51Q1rs51rp5FQvYsSp6BBgZXbQJEjXJ-hL9ZGJTmlJihKiV_ZO0pBsTxyqbxuh7-qWkQA-E2n-delGSO5bUqNLukHgKtrf1bwyOn94ev0nvU2tQyuQdVvmOGcg9dgGTRnT_JEtHerQATZ6wZ1uhMj1BEBc_H344FjLwfVhvzvcvUThffZ7NYy0RGwGfOZPNhX3Lrw3yRcvX-hPOJWskOUg3hyMzCroV8KPBoaVEcTczx67oUeyb8w==&w_img=1
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:46 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
c9b4e6eee1e4cc749fce594f357f685f
cf-ray
8e15454b58969b80-FRA
access-control-allow-origin
*
content-length
43
server
cloudflare
add
goobakocaup.com/log/ 		12 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=3630cb10-4036-42b4-99c1-c8590688ddeb
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
cf-ray
8e15454d19bb9b80-FRA
access-control-allow-origin
https://goobakocaup.com
alt-svc
h3=":443"; ma=86400
content-length
12
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
goobakocaup.com/async_log/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=3630cb10-4036-42b4-99c1-c8590688ddeb
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8e15454d19c09b80-FRA
access-control-allow-origin
https://goobakocaup.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 08:49:47 GMT
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
goobakocaup.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
513627
cf-ray
8e15454a88069b80-FRA
expires
Fri, 10 Nov 2034 08:49:46 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:46 GMT
vary
Accept-Encoding
server
cloudflare
Primary Request conditional_promocode_f092_jt3184
lps.plarium.com/de/desktop/raid/rdo/media/
Redirect Chain
  • https://goobakocaup.com/?z=6118780&syncedCookie=false&rhd=false
  • https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
58 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6190ab39732df2356d90233db1f103ac87b5d018a5c1816ce96c90ae431b4c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://goobakocaup.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
cf-cache-status
DYNAMIC
cf-ray
8e15454ece6b9762-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 12 Nov 2024 08:49:47 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
daf68cef8ee9bcabefed58a8c2c57068
vary
Accept-Encoding
x-datadome
protected
x-frame-options
SAMEORIGIN

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://goobakocaup.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e15454d59eb9b80-FRA
content-length
0
date
Tue, 12 Nov 2024 08:49:47 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://lps.plarium.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
2d85d668f022b662bc64e05bacacda95
favicon.ico
goobakocaup.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
513627
cf-ray
8e15454a88069b80-FRA
expires
Fri, 10 Nov 2034 08:49:46 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:46 GMT
vary
Accept-Encoding
server
cloudflare
adG1ApTfDA5KhYrsrHH4n_L0KJc.js
lps.plarium.com/cdn-cgi/apps/head/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lps.plarium.com/cdn-cgi/apps/head/adG1ApTfDA5KhYrsrHH4n_L0KJc.js
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ec6da069102a1ea754cfac542b4f8cddb8cfdb96b500864a746b22468caf928

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
sec-ch-device-memory
8
Referer
https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
6pREauK2y9_bUsNKvJN.ZRsDXkEcHqhX
etag
"ab0c241fefd168a6852ce37a73de5ec8"
age
178281
expires
Wed, 12 Nov 2025 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 07 Aug 2024 07:58:51 GMT
vary
Accept-Encoding
x-amz-id-2
wk0hpKAKE+MBMj/7C/QwPoiH/G5crnYqTKihVTRU7qxzeqcbAqZmzfpgmqae2yub9B4AA/hWMKk=
cache-control
public, max-age=31536000
x-amz-request-id
X6V6HP33QP18WJ2V
cf-ray
8e1545504fa59762-FRA
accept-ranges
bytes
content-length
1342
server
cloudflare
26945080260.js
cdn.optimizely.com/js/ 		279 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/26945080260.js
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c0407b64e8c4036bf2e884c92cfbdf56a9bfd880fddf38806b5f5de1b8af34

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

access-control-max-age
86400
access-control-expose-headers
x-amz-meta-revision
content-encoding
gzip
cf-cache-status
HIT
etag
"84e8b109bb5c29a69258385da0839267"
x-amz-version-id
yMfrn0KRFmL84kXXomD7ykyfG.3KMCUK
age
60
access-control-allow-methods
GET, HEAD
date
Tue, 12 Nov 2024 08:49:47 GMT
x-amz-meta-revision
156
content-type
text/javascript; charset=utf-8
last-modified
Wed, 28 Aug 2024 08:15:10 GMT
vary
Accept-Encoding
x-amz-id-2
e7getJ7H5cAz98Wv2ZVKtSmzc7UEhN/yTA4JkP0w952B9CHuN7JREWyfFZmtIBf/IoQmym+nDRv5fsOl3/SsckerT90ZZ0ez
access-control-allow-headers
*
x-amz-replication-status
PENDING
cache-control
max-age=120
timing-allow-origin
*
x-amz-meta-pci_enabled
False
access-control-allow-credentials
false
x-amz-request-id
VZX27VKHKV2PDR16
cf-ray
8e1545507b6f196d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
87865
server
cloudflare
x-amz-server-side-encryption
AES256
tags.js
datadome.plarium.com/ 		168 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://datadome.plarium.com/tags.js
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44b5896f4a4360bc08c70cf6e5890aa872e50f9d65d0597013c8565752277a82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
br
x-amz-version-id
3leCM9jGAq2_7z1hJqQMAiZ.vKvvZDqu
etag
W/"86b848e45746db7159d1fbb589ce0f3f"
age
87
x-cache
Hit from cloudfront
x-amz-cf-id
I3cfhhtsDTbRwAkvuYXza_KX-0-OH-wt9g5YuohBQRmpH-c9QfQe9g==
date
Tue, 12 Nov 2024 08:48:21 GMT
content-type
text/javascript
vary
accept-encoding, Origin
last-modified
Thu, 17 Oct 2024 12:43:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600, public
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
styles.css
landings-frontend.plarium.com/v3.3.0/prelander-general/ 		242 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/prelander-general/styles.css?v=b5f70333eb4d2544ccf4
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
427b218837ee71e6b8bca35dbd6dc55b2a9250202fc122ea39d4130ebc6d405f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-3c9e3"
age
24931
cf-ray
8e1545505fb59762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
text/css
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
AudioButton.css
landings-frontend.plarium.com/v3.3.0/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/AudioButton.css?v=2b0de08539355d88cf8d
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c5a676cabda9672c4bf77dceeb8757122dd7145fee3c231f6b5dd005a11cef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-48c1"
age
18835
cf-ray
8e1545505fb79762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
text/css
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
BackgroundVideo.css
landings-frontend.plarium.com/v3.3.0/ 		226 B
285 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/BackgroundVideo.css?v=fc4ad8a36ccaf3f6bb66
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28309ab4af7d87de17a67e7d0c701a5a9953218f1ccdf2c8ed11a9670442fc8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-e2"
age
23419
cf-bgj
minify
cf-ray
8e1545506fb99762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
text/css
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
DownloadAdvice.css
landings-frontend.plarium.com/v3.3.0/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/DownloadAdvice.css?v=ecdf82d29627b0107690
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfbbb0acc6ec5dfbd62ee8dbc087f5cad06568915534dfbf4125f6533a2cd7c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-2316"
age
8332
cf-bgj
minify
cf-ray
8e1545505fb69762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
text/css
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
UnifiedLoginForm.css
landings-frontend.plarium.com/v3.3.0/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/UnifiedLoginForm.css?v=da2d47e75f3b319bbc8d
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a423638074d18d2700a9165325b0b13165c755b461763eb2ea07ae64f135519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-1c4a"
age
6299
cf-ray
8e1545505fb49762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
text/css
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
Luthiea_ux_2.jpg
cdn-gpd.x-plarium.com/browser/content/lps/backgrounds/luthiea/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/backgrounds/luthiea/Luthiea_ux_2.jpg
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
16771956ab4b28e90f41937cc428b2e865546c341d2dcf515207aeba3ca11e48

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=TZOgDg==, md5=ZCoDtTM53bC2sdiYvAz+ig==
etag
"642a03b53339ddb0b6b1d898bc0cfe8a"
age
2353
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
37588
date
Tue, 12 Nov 2024 08:10:34 GMT
last-modified
Thu, 22 Aug 2024 10:04:22 GMT
content-type
image/jpeg
x-guploader-uploadid
AHmUCY2wFzAYCggxhgdaeJ9TkpGZ20ByOS6yZKaCQReQYSjsmfaXk0FHpnrQOoLepTD94DAxX4QXqWnMkw
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1724321062938409
content-length
37588
server
UploadServer
app.js
cdn-gpd.x-plarium.com/browser/canvas/landings.pp.analytics/v5/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gpd.x-plarium.com/browser/canvas/landings.pp.analytics/v5/app.js
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3392d6f19e5f0fa6ea9414995679e168c4b4fdebb25d9d6b5a103b557a6319e3

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=smRp/Q==, md5=mrf+Tjt0PgtLxS0iWb2VBg==
content-encoding
br
age
2777
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
5485
date
Tue, 12 Nov 2024 08:03:30 GMT
last-modified
Mon, 15 Jan 2024 16:25:32 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3MIIhWm7Fswk8BS_yjK4FffpPf4jNRsOeIwF8IAb04bv9XwPkJGUKE2_O29xZVHLuh06YNPtDrmA
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1705335931965782
content-length
1718
server
UploadServer
client.js
landings-frontend.plarium.com/v3.3.0/prelander-general/ 		2 MB
492 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/prelander-general/client.js?v=435f4298b536a4a36b59
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb95fc12eeaff48083ed28548af7f6038fb12755b9d6e3f53ab3f09fdfd1cb3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-24f382"
age
84779
cf-ray
8e15455128599762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
AudioButton.js
landings-frontend.plarium.com/v3.3.0/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/AudioButton.js?v=1d276bf746b9747fe2aa
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e74156c28f461634788d92b48e5a6e53207cb029f06b58ae802a244fa7a61e08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-ae3a"
age
16965
cf-bgj
minify
cf-ray
8e15455138689762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
cf-polished
origSize=44602
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
1795.js
landings-frontend.plarium.com/v3.3.0/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/1795.js?v=3821a136244f4c8aa988
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
793b47c0a9211cc7ec109004fafe072ca11756c0098307e47fbe047895b34647
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-a77e"
age
14372
cf-ray
8e154551386a9762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
BackgroundVideo.js
landings-frontend.plarium.com/v3.3.0/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/BackgroundVideo.js?v=d4c3c7a86e6107c0beea
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee475bbec47bd650f27d0ddb64a87e98eb9f9727458c7b302e1351fedb8794d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-3d0b"
age
3578
cf-ray
8e154551386b9762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
Footer.js
landings-frontend.plarium.com/v3.3.0/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/Footer.js?v=b8c6efad1c25d1a5edc7
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e248a90de0da4ca74e9238c6f784675a11e4d86ff9addee9f0878fe8be0cf0f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-52d0"
age
17673
cf-ray
8e154551386d9762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
DownloadAdvice.js
landings-frontend.plarium.com/v3.3.0/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/DownloadAdvice.js?v=90efe070585e2665859f
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2adc25886b6b7a248e20e24e4035515a873a2515fdb3873c1d8433742c6ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-60f0"
age
13667
cf-ray
8e154551386f9762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
Logo.js
landings-frontend.plarium.com/v3.3.0/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/Logo.js?v=20f66fbe3ac33983ff4c
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ba29d42912350d3e3bd002c4eabb0f9a1ea26be5b0de2cca4408221e4cdb167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-3093"
age
13930
cf-bgj
minify
cf-ray
8e15455178c69762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
cf-polished
origSize=12435
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
8447.js
landings-frontend.plarium.com/v3.3.0/ 		55 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/8447.js?v=1c49c0466bafff437e79
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f5ac77289625c315f20875e7eceb91c388dc147efa7249158b3f774770af61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-dc1d"
age
15494
cf-ray
8e15455178c89762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
146.js
landings-frontend.plarium.com/v3.3.0/ 		116 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/146.js?v=980b1907690d557f171e
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e96380d582634de3429acd7d88c9392b714d0273bf62d2004f76952777e9f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-1cf92"
age
77513
cf-ray
8e15455178ca9762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
573.js
landings-frontend.plarium.com/v3.3.0/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/573.js?v=88c60d667b56f2bd9a13
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8366eefdf695eede0682219d541f6192c1c636ae589e35358f182ea46e66a3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-7479"
age
22181
cf-ray
8e15455178cb9762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
UnifiedLoginForm.js
landings-frontend.plarium.com/v3.3.0/ 		63 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/UnifiedLoginForm.js?v=a31ca77fb94233440a93
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b66456a5e42a3bdbda7b872ce8570258b65f51ef3eed9353bcbd66befcd947f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-154c9"
age
25261
cf-bgj
minify
cf-ray
8e15455178cc9762-FRA
expires
Wed, 13 Nov 2024 08:49:47 GMT
cf-polished
origSize=87241
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
geo4.js
cdn3.optimizely.com/js/ 		316 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo4.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/26945080260.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.14 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72a1596669a5da54eea48cbc11f6ddbe0f4c7fbdd54fd8b7c82aeefd06fba842

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

cf-ray
8e1545517f729a23-FRA
content-encoding
br
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/ 		485 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d4aef9bed55602376f4e4d63fffb47c337df4e98c872fbe42ad48829b5fefeec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 12 Nov 2024 08:49:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 12 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
126003
x-xss-protection
0
server
Google Tag Manager
logo016.png
cdn-gpd.x-plarium.com/browser/content/lps/logo/Raid/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/logo/Raid/logo016.png
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d969be4af444ec4b9b9c2cdea82ee45768b1caf279824ff0de416c2763e5200d

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=94XYqQ==, md5=Fwh9uKtc2LqRcW3WjkwNGA==
etag
"17087db8ab5cd8ba91716dd68e4c0d18"
age
1366
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
29582
date
Tue, 12 Nov 2024 08:27:01 GMT
last-modified
Tue, 30 Jan 2024 15:33:14 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY0r9KcTly4u4H7V_KPV5x1TJxxd9P3DV8J3fl2zpMRsUdcFu8J8_3Oz8BPhKsnCWWJKXpIl_1WlcA
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1706628794806229
content-length
29582
content-language
en
server
UploadServer
Luthiea_ux_2_compressed.mp4
cdn-gpd.x-plarium.com/browser/content/lps/backgrounds/luthiea/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/backgrounds/luthiea/Luthiea_ux_2_compressed.mp4
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
36e8c6fc222e7a2ce65b7a508428fa16e89212815ac836a91f98d6ef0105cc28

Request headers

Referer
https://lps.plarium.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Range
bytes=0-

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=wmMRFA==, md5=R2d4Ls+3hCeScFR0IXQBdQ==
etag
"4767782ecfb784279270547421740175"
age
2802
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
2405519
date
Tue, 12 Nov 2024 08:03:05 GMT
last-modified
Thu, 22 Aug 2024 10:04:23 GMT
content-type
video/mp4
x-guploader-uploadid
AHmUCY1GHSyllvJ8gZjNw_FZ_HLelf1BEnuulPbZ7g-9IsXtOWT-imBw9mHStd6EizgCXm99yw4
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
Content-Range
bytes 0-2405518/2405519
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1724321063330451
Content-Length
2405519
server
UploadServer
a26310650654.html
a26310650654.cdn.optimizely.com/client_storage/ Frame 4306 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a26310650654.cdn.optimizely.com/client_storage/a26310650654.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/26945080260.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://lps.plarium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

accept-ranges
bytes
age
526
cache-control
max-age=120
cf-cache-status
HIT
cf-ray
8e154551cfc337ef-FRA
content-encoding
gzip
content-length
771
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 08:49:47 GMT
etag
"12001bed25ac1bd1249617514602dcde"
last-modified
Wed, 06 Nov 2024 11:18:08 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="HIT"
vary
Accept-Encoding
x-amz-id-2
Sz4z12clpmMQaM7lPt7y2ZpQsbkeAaYOLN6SbDxtCYwzyu9F6ZadqdiTqu3uqMXxbEkcX0zWJng=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
ZKG43J0FZJP36HNM
x-amz-server-side-encryption
AES256
x-amz-version-id
a7sq00tj2dChRp0Xi07yqOOYP0BInDSe
c108f68a-cf33-49fd-af5e-0c72d3e7140d
https://lps.plarium.com/ Frame 		0
0
/
datadome.plarium.com/js/ 		232 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datadome.plarium.com/js/
Requested by
Host: datadome.plarium.com
URL: https://datadome.plarium.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-42.fra60.r.cloudfront.net
Software
DataDome /
Resource Hash
432b3e51fbda3ed7d38b5d07ccc1ca26ca46e9491b5a6f7741971c7c760011d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
232
x-amz-cf-id
_Dd8N0q8DwG4NQE83uAOfKGyuA-eNmM9whx6CPXLjOgDjUK1_EhM_Q==
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/json;charset=utf-8
x-amz-cf-pop
FRA60-P1
server
DataDome
4325.css
landings-frontend.plarium.com/v3.3.0/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/4325.css?v=fcfbd0d356bbbf41499a
Requested by
Host: landings-frontend.plarium.com
URL: https://landings-frontend.plarium.com/v3.3.0/prelander-general/client.js?v=435f4298b536a4a36b59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da2526e914f504ff9a65d577a5f350da146ee490da17856f1670b2fb2f24915
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-1fe8"
age
5064
cf-ray
8e154553fb2e9762-FRA
expires
Wed, 13 Nov 2024 08:49:48 GMT
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
text/css
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
4325.js
landings-frontend.plarium.com/v3.3.0/ 		533 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/4325.js?v=366867659a254e21a776
Requested by
Host: landings-frontend.plarium.com
URL: https://landings-frontend.plarium.com/v3.3.0/prelander-general/client.js?v=435f4298b536a4a36b59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6e393ed9e8766df188fe627a776d33bfd9dd150c83c550dffa04c916bc7a657
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-280"
age
83050
cf-bgj
minify
cf-ray
8e154553fb339762-FRA
expires
Wed, 13 Nov 2024 08:49:48 GMT
cf-polished
origSize=640
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
1386.css
landings-frontend.plarium.com/v3.3.0/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/1386.css?v=5c78a2a1cafe9d690968
Requested by
Host: landings-frontend.plarium.com
URL: https://landings-frontend.plarium.com/v3.3.0/prelander-general/client.js?v=435f4298b536a4a36b59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b566572f341090a48c8e9d750626f7b1799b438ba34f31ec6eea5c645081a2f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-1c3e"
age
10753
cf-bgj
minify
cf-ray
8e1545540b4a9762-FRA
expires
Wed, 13 Nov 2024 08:49:48 GMT
cf-polished
origSize=7230
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
text/css
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
1386.js
landings-frontend.plarium.com/v3.3.0/ 		1007 B
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/1386.js?v=a36992e52d762e7369c6
Requested by
Host: landings-frontend.plarium.com
URL: https://landings-frontend.plarium.com/v3.3.0/prelander-general/client.js?v=435f4298b536a4a36b59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
657281eabf7e715e785a7fc2e454587e91749546f0f300b74f5db155e32b8a05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-3ef"
age
40814
cf-ray
8e1545540b4e9762-FRA
expires
Wed, 13 Nov 2024 08:49:48 GMT
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
7892.css
landings-frontend.plarium.com/v3.3.0/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/7892.css?v=17503b493389fe372220
Requested by
Host: landings-frontend.plarium.com
URL: https://landings-frontend.plarium.com/v3.3.0/prelander-general/client.js?v=435f4298b536a4a36b59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6c66b44d829b14e6e44e0b5c5b3ef51f7ceae37b31229c4d2b7f2ed7e757de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-2ba0"
age
13187
cf-ray
8e1545540b529762-FRA
expires
Wed, 13 Nov 2024 08:49:48 GMT
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
text/css
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
7892.js
landings-frontend.plarium.com/v3.3.0/ 		1015 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/7892.js?v=669e5a8b9213e5f11677
Requested by
Host: landings-frontend.plarium.com
URL: https://landings-frontend.plarium.com/v3.3.0/prelander-general/client.js?v=435f4298b536a4a36b59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68ad50f79291823a7dc580ff41d3be8263161249dd2050224bbeeb863ff4e5e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-462"
age
73211
cf-bgj
minify
cf-ray
8e1545540b549762-FRA
expires
Wed, 13 Nov 2024 08:49:48 GMT
cf-polished
origSize=1122
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
/
lps.plarium.com/api/user/data/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lps.plarium.com/api/user/data/?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img=%7Bkey%7D&placement=%7Bplacement%7D&publisherId=6118780
Requested by
Host: datadome.plarium.com
URL: https://datadome.plarium.com/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf2d4a32857fd80cda7e31ee1587b04ebef223dc4d6343390d59fdf2b3d37bf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

language_id
3
Time-Zone
-1
Referer
https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
app_id
27
sec-ch-device-memory
8
theme_id
52
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
application/json
sitemap_id
1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
trace-id
03b3221a652e0017723e5e85132386af
cf-ray
8e1545541b619762-FRA
date
Tue, 12 Nov 2024 08:49:48 GMT
x-datadome
protected
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
sync
gum.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sync?a=1&r=2&c=421&j=handleCriteoCookie
  • https://gum.criteo.com/sync?s=1&a=1&r=2&c=421&j=handleCriteoCookie
80 B
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?s=1&a=1&r=2&c=421&j=handleCriteoCookie
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fd9f1f0c5416a8a8cbb3a245825d7741133b95a833264a265f43fd94527cc4f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=3600
content-encoding
gzip
access-control-allow-credentials
true
server-processing-duration-in-ticks
772729
expires
60
access-control-allow-origin
https://lps.plarium.com
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
location
/sync?s=1&a=1&r=2&c=421&j=handleCriteoCookie
access-control-allow-credentials
true
server-processing-duration-in-ticks
972647
access-control-allow-origin
https://lps.plarium.com
content-length
0
date
Tue, 12 Nov 2024 08:49:48 GMT
server
Kestrel
js
www.googletagmanager.com/gtag/ 		417 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5FNDF9DMY8&l=dataLayer&cx=c&gtm=45He4b70v79175763za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e3af338b2dab54b1818a24f5a21c89a1b0451f18d3e7f9b4d7061933a74fff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 12 Nov 2024 08:49:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
136298
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184&scrsrc=www.googletagmanager.com&frm=0&rnd=799195506.1731401388&auid=1249539189.1731401388&npa=1&gtm=45He4b70v79175763za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&tft=1731401388298&tfd=1219&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FEC13EB7FB0B4FF3A2C824BF836369FB Ref B: FRAEDGE1317 Ref C: 2024-11-12T08:49:48Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
destination
www.googletagmanager.com/gtag/ 		280 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-975484573&l=dataLayer&cx=c&gtm=45He4b70v79175763za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
15d659692f1d42ddda8524c6469067888a07082430dadbd7a58f45737b3e138b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 12 Nov 2024 08:49:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 12 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98568
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		283 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11039079270&l=dataLayer&cx=c&gtm=45He4b70v79175763za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5030810c6717956e14836908751238de30594782a6e9f5a69e9f5f0eac999a48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 12 Nov 2024 08:49:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 12 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99645
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/4113315
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gDLcxm3c' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gDLcxm3c' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4461, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
GMUj9PrIZJKuL91XfKUSfUKqMQkLnj/TQliluOHxzpKnL6Nhfk6kpbIgGujaI6BZK4gIJ2fw+Tk9rcO5BhPMsQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
tfa.js
cdn.taboola.com/libtrc/unip/1153814/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1153814/tfa.js
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/4113315
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81e8c5190861c7d400a7d47ed98cca80c341ec0289ae06bca892bf57f52867fe

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
gzip
etag
"78402c82073e7ebb02e3dc1b1f074b8f"
x-amz-version-id
HY3HA1hLSbqzkeU0HTESqLD4OOIeYsm0
age
123
x-cache
HIT
date
Tue, 12 Nov 2024 08:49:48 GMT
last-modified
Sun, 10 Nov 2024 11:13:39 GMT
x-served-by
cache-fra-eddf8230140-FRA
x-cache-hits
1
content-type
application/javascript; charset=utf-8
x-amz-id-2
WBbDcNa1QhfS5CaRRitp3u4S5nJ012OUHjXHMUJ14cg8Rfyt0pxVDenmoh0HdYCXjYx2ux3AnRE=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14401
x-timer
S1731401388.348011,VS0,VE2
via
1.1 varnish
x-amz-request-id
2A28BW8D3406B1R1
accept-ranges
bytes
access-control-allow-origin
*
abp
87
content-length
22033
server
AmazonS3
x-amz-server-side-encryption
AES256
obtp.js
amplify.outbrain.com/cp/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/4113315
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f76bcf5ed9ce17975c95265a4a56ea171b80d6530564b86936ab1da6bdccfd3b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

Cache-Control
max-age=1200
Content-Encoding
gzip
ETag
"41e730392bc1cbca795ee81659f83e27:1730623230.160237"
Connection
keep-alive
Expires
Tue, 12 Nov 2024 09:09:48 GMT
Accept-Ranges
bytes
X-CC
DE
Content-Length
9303
X-RG
EU
Date
Tue, 12 Nov 2024 08:49:48 GMT
Content-Type
application/x-javascript
Last-Modified
Sun, 03 Nov 2024 08:37:20 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame C05B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Flps.plarium.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

accept-ranges
bytes
age
492915
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Nov 2024 15:54:33 GMT
expires
Thu, 06 Nov 2025 15:54:33 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
CopyableText.js
landings-frontend.plarium.com/v3.3.0/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landings-frontend.plarium.com/v3.3.0/CopyableText.js?v=b35d71f74111fdf3acac
Requested by
Host: landings-frontend.plarium.com
URL: https://landings-frontend.plarium.com/v3.3.0/prelander-general/client.js?v=435f4298b536a4a36b59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
502e9d61d8cdd1c800cd68cb38a42fd9a5304aefadd2ad92d38a13ec101a3f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cda19-529f"
age
29681
cf-ray
8e1545553c989762-FRA
expires
Wed, 13 Nov 2024 08:49:48 GMT
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 08:45:13 GMT
vary
Accept-Encoding
server
cloudflare
facebook.svg
cdn-gpd.x-plarium.com/browser/content/lps/forms/002/social_buttons_jt1604/ 		698 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/forms/002/social_buttons_jt1604/facebook.svg
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
392783507b51cf280163f3ac399a78673f99090c5add0e5f9703fa34673236b4

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=w5DViQ==, md5=MiLhVJVRYRe/RWbVXpBH0A==
etag
"3222e15495516117bf4566d55e9047d0"
age
1085
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
698
date
Tue, 12 Nov 2024 08:31:43 GMT
last-modified
Tue, 30 Jan 2024 15:23:24 GMT
content-type
image/svg+xml
x-guploader-uploadid
AHmUCY0G6R-1i_f3CkWndaNLOm7TtRF5c7alp3-w58iXoarXaqqUacVFEbTJNQUUa0G3lpXb9q0
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1706628204643494
content-length
698
content-language
en
server
UploadServer
google.svg
cdn-gpd.x-plarium.com/browser/content/lps/forms/002/social_buttons_jt1604/ 		1020 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/forms/002/social_buttons_jt1604/google.svg
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ccf4818dce5e0230c9347141a983abc5bc2f116e99b80f1ff15ffab52e666de6

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=Eum+eA==, md5=O6TBKo9vvHxV2YP4QaBL1Q==
etag
"3ba4c12a8f6fbc7c55d983f841a04bd5"
age
571
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1020
date
Tue, 12 Nov 2024 08:40:17 GMT
last-modified
Tue, 30 Jan 2024 15:21:54 GMT
content-type
image/svg+xml
x-guploader-uploadid
AHmUCY2SHyVlqdwIIiobjchsfnaur9uT1cY8b1JDXHk3shFs-oghcZOqbdDh5YJjS8W0XG6jo4HuZPePXA
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1706628114059528
content-length
1020
content-language
en
server
UploadServer
twitch.svg
cdn-gpd.x-plarium.com/browser/content/lps/forms/002/social_buttons_jt1604/ 		494 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/forms/002/social_buttons_jt1604/twitch.svg
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4c35ac3c5179cda0de8831ebbda65aec2d866b4376735afaa9cd42aed5a920e4

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=Z/DTKg==, md5=crO3SeeQvxBChN7RnYL1RA==
etag
"72b3b749e790bf104284ded19d82f544"
age
1990
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
494
date
Tue, 12 Nov 2024 08:16:38 GMT
last-modified
Tue, 30 Jan 2024 15:21:57 GMT
content-type
image/svg+xml
x-guploader-uploadid
AHmUCY0uPDYo1NPoN3WGbQGBYL2AO7BDurZ-LjYnkPbvUMKKgArdkjo-yQbT7yY7EslNnzHpFDXN6SHd4A
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1706628117588379
content-length
494
content-language
en
server
UploadServer
roboto-v20-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-500.woff2
cdn-gpd.x-plarium.com/browser/content/lps/fonts/Roboto/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/fonts/Roboto/roboto-v20-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-500.woff2
Requested by
Host: landings-frontend.plarium.com
URL: https://landings-frontend.plarium.com/v3.3.0/prelander-general/styles.css?v=b5f70333eb4d2544ccf4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
44e2c42df34b1029bff5762f2d9c0c7dc5b4268b965d70d4cc2cb66dafc52423

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Origin
https://lps.plarium.com
Referer
https://landings-frontend.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cKJUMQ==, md5=b2nZm5sHBqKpVe1C1kdCoQ==
etag
"6f69d99b9b0706a2a955ed42d64742a1"
age
3324
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
51400
date
Tue, 12 Nov 2024 07:54:24 GMT
last-modified
Tue, 30 Jan 2024 15:21:47 GMT
content-type
application/octet-stream
x-guploader-uploadid
AHmUCY2cnb_BUfpIjzFrR1Z_4lB0-aoVLTLObXFR_01OQzsVJ7hdZANQLciMHO5i7zRwm0VDNFz0o4wJow
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1706628107015597
content-length
51400
content-language
en
server
UploadServer
roboto-v20-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-regular.woff2
cdn-gpd.x-plarium.com/browser/content/lps/fonts/Roboto/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/fonts/Roboto/roboto-v20-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-regular.woff2
Requested by
Host: landings-frontend.plarium.com
URL: https://landings-frontend.plarium.com/v3.3.0/prelander-general/styles.css?v=b5f70333eb4d2544ccf4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a7bf1f115e60e0c8f3b335df66d4d77baaae4eb11d2cea2cf7c5b4693403a46f

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Origin
https://lps.plarium.com
Referer
https://landings-frontend.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=u02XSw==, md5=lUk2AJC68uuLJdOpcI/BnQ==
etag
"9549360090baf2eb8b25d3a9708fc19d"
age
2017
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
51116
date
Tue, 12 Nov 2024 08:16:11 GMT
last-modified
Tue, 30 Jan 2024 15:21:47 GMT
content-type
application/octet-stream
x-guploader-uploadid
AHmUCY28_ebPsBZN3grh2rCUJhFj_-s803UCmvgsZZBiGrnZy89C1bVKADY4ZBiCAuJ4Azt6-K8
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1706628107278103
content-length
51116
content-language
en
server
UploadServer
event
collector.plarium.com/api/ 		0
198 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://collector.plarium.com/api/event
Requested by
Host: datadome.plarium.com
URL: https://datadome.plarium.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.31.194.150 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.194.31.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
application/json;charset=utf-8
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
https://lps.plarium.com
content-length
0
date
Tue, 12 Nov 2024 08:49:48 GMT
trace-id
a48b8ac6d94fe26e4145539bb11ac906
vary
Origin
access-control-allow-credentials
true
event
collector.plarium.com/api/ 		0
198 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://collector.plarium.com/api/event
Requested by
Host: datadome.plarium.com
URL: https://datadome.plarium.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.31.194.150 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.194.31.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
application/json;charset=utf-8
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
https://lps.plarium.com
content-length
0
date
Tue, 12 Nov 2024 08:49:48 GMT
trace-id
46138f21aad26196b971ccdc71d18e34
vary
Origin
access-control-allow-credentials
true
event
collector.plarium.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.plarium.com/api/event
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.31.194.150 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.194.31.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lps.plarium.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://lps.plarium.com
access-control-max-age
922337203685.4775
date
Tue, 12 Nov 2024 08:49:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
ed00187219fb0e69d2303b19877e9448
vary
Origin
event
collector.plarium.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.plarium.com/api/event
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.31.194.150 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.194.31.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lps.plarium.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://lps.plarium.com
access-control-max-age
922337203685.4775
date
Tue, 12 Nov 2024 08:49:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
98fb9dfce86f6d4f75c70dac44e6b84a
vary
Origin
collect
region1.analytics.google.com/g/ 		0
554 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5FNDF9DMY8&gtm=45je4b70v876196366z879175763za200zb79175763&_p=1731401387699&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&cid=2141961708.1731401388&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731401388&sct=1&seg=0&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&dt=RAID%3A%20Shadow%20Legends&en=page_view&_fv=1&_nsi=1&_ss=1&epn.time_stamp=1731401388299&ep.system_architecture=x64&ep.gtm_custom_event_trigger=gtm.js&ep.emitter=GTM&ep.pxl=ppl_-_cpi&ep.environment=prod&up.client_id=oid6629225443.1731401387&tfd=1385
Requested by
Host: datadome.plarium.com
URL: https://datadome.plarium.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://lps.plarium.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
554 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5FNDF9DMY8&cid=2141961708.1731401388&gtm=45je4b70v876196366z879175763za200zb79175763&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101823848~101925629~102077855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5FNDF9DMY8&l=dataLayer&cx=c&gtm=45He4b70v79175763za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://lps.plarium.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5FNDF9DMY8&cid=2141961708.1731401388&gtm=45je4b70v876196366z879175763za200zb79175763&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101823848~101925629~102077855&tag_exp=101823848~101925629~102077855&z=1776132548
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 12 Nov 2024 08:49:48 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
416824283745742
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/416824283745742?v=2.9.176&r=stable&domain=lps.plarium.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
28b625eb0f3056a0e546573050d2316a02edcab4a9c69210bc33a02db6495979
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-eWulWTLh' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-eWulWTLh' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=75, mss=1232, tbw=70913, tp=67, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
abdc5t7XCsv5PubrxbSdVAiqJZ2Z9oBd2Qdhy9UDdxxNEcUZV/ZKA/mU5tsTi/PPh1UPCNdAoYobqrYgpo6RrQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
13447
x-xss-protection
0
origin-agent-cluster
?1
004a5b79a05aca3b2af4597936f43726e3
wave.outbrain.com/mtWavesBundler/handler/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/004a5b79a05aca3b2af4597936f43726e3
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-148.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8eec6933410072a976a26f3efb249fb5e4ffd1b79ffd02e9f00dbf2eee4b3cc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
Cache-Control
max-age=60
ob-sent-time
1731341148630
Content-Encoding
gzip
ETag
W/"cf7-KEn7qznlF9AG4ZzKbFQBLGlxNd4"
Connection
keep-alive
Expires
Tue, 12 Nov 2024 08:50:48 GMT
Access-Control-Allow-Origin
*
X-CC
DE
Content-Length
1506
X-RG
EU
Date
Tue, 12 Nov 2024 08:49:48 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
x-traceid
ec3c6659aa18e051b1e5a15b4cf2388f
topics
amplify.outbrain.com/ 		26 B
301 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/topics
Requested by
Host: datadome.plarium.com
URL: https://datadome.plarium.com/tags.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-148.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

Cache-Control
max-age=1200
Connection
keep-alive
Observe-Browsing-Topics
?1
Expires
Tue, 12 Nov 2024 09:09:48 GMT
Access-Control-Allow-Origin
*
X-CC
DE
Content-Length
26
X-RG
EU
Date
Tue, 12 Nov 2024 08:49:48 GMT
Content-Type
text/html
unifiedPixel
tr.outbrain.com/ 		53 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?au=false&bust=02090238590586564&referrer=&cht=gtm&marketerId=004a5b79a05aca3b2af4597936f43726e3&name=PAGE_VIEW&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&g=1&zone=euZone1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: datadome.plarium.com
URL: https://datadome.plarium.com/tags.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
54
content-encoding
br
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
image/gif;
x-traceid
3f86307b1fe3eebae8af39dced3ea9a6
cachedClickId
tr.outbrain.com/ 		35 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=004a5b79a05aca3b2af4597936f43726e3
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
39
content-encoding
br
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/javascript
x-traceid
0abe3732b4f45ff7ec434cf2c9c9f019
topics_api
psb.taboola.com/ 		65 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: datadome.plarium.com
URL: https://datadome.plarium.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

cache-control
private, max-age=2592000
retry-after
0
x-timer
S1731401389.577700,VS0,VE0
observe-browsing-topics
?1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
65
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
text/html; charset=utf-8
x-served-by
cache-fra-eddf8230022-FRA
server
Varnish
x-cache-hits
0
json
trc.taboola.com/1153814/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1153814/trc/3/json?tim=1731401388564&data=%7B%22id%22%3A652%2C%22ii%22%3A%22%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1731401388556%2C%22cv%22%3A%2220241107-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dplariumeurope-plariumplay-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1731401388562%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1153814/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fbca1568c571705cf15452438611fd9e0adaeab47886e227d49a22ec609df831

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230140-FRA
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
11422
x-timer
S1731401389.587663,VS0,VE22
x-vcl-time-ms
22
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.24075000000000002
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
/
www.googleadservices.com/pagead/conversion/11039079270/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/11039079270/?random=1731401388583&cv=11&fst=1731401388583&bg=ffffff&guid=ON&async=1&gtm=45be4b70z879175763za201zb79175763&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&label=5fcsCOHQvI8ZEOb2648p&hn=www.googleadservices.com&frm=0&tiba=RAID%3A%20Shadow%20Legends&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1249539189.1731401388&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=m&fdr=CA&capi=1&em=tv.1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11039079270&l=dataLayer&cx=c&gtm=45He4b70v79175763za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
d6178236fc3a9f809665c6b75b350eac4c5ef238bdf7c120304343df34260d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2842
date
Tue, 12 Nov 2024 08:49:48 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
211022857.js
bat.bing.com/p/action/ 		362 B
420 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/211022857.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1fc671898ad010ba690b89d83f8c813088990a6018b21818096387fe4a2c8e67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 786169C1FE3B4DC8A4108D94AC52DDAA Ref B: FRAEDGE1317 Ref C: 2024-11-12T08:49:48Z
x-cache
CONFIG_NOCACHE
date
Tue, 12 Nov 2024 08:49:47 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
p1.1.png
cdn-gpd.x-plarium.com/browser/content/lps/copyable_text/luthiea/compressed/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/copyable_text/luthiea/compressed/p1.1.png
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
36512d56e3b8ab2c212b3fe9ee3bd145f4b9c4d41f6621314611997879da686e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=ePGJuw==, md5=UnhI2pZEQTSUj2zh1Fn2WA==
etag
"527848da96444134948f6ce1d459f658"
age
3139
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
9789
date
Tue, 12 Nov 2024 07:57:29 GMT
last-modified
Tue, 27 Aug 2024 09:05:24 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY2WzMDh32cgMoTHEEzyJBKENT6jdlZftrCCujPd8c1Zqri7vR2gToNHKrq-Imtj0pTsXRqw4xYB6A
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1724749524292655
content-length
9789
server
UploadServer
p2.png
cdn-gpd.x-plarium.com/browser/content/lps/copyable_text/luthiea/compressed/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/copyable_text/luthiea/compressed/p2.png
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4811006ae6567558ab5cdb3d1e409dacd4b0fab2f134b746e7607446a91d2502

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=pCWMxA==, md5=tl+kdzhOQXSOggfu036YXw==
etag
"b65fa477384e41748e8207eed37e985f"
age
1085
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6683
date
Tue, 12 Nov 2024 08:31:43 GMT
last-modified
Fri, 23 Aug 2024 08:20:38 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY1LCflZoHcPXIiWcf5vG6v8rT11pMNNKyeHtLAQjM9JgrcBbFpvxq6eYAHHUwY4gZHc6ms
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1724401238327827
content-length
6683
server
UploadServer
p3.png
cdn-gpd.x-plarium.com/browser/content/lps/copyable_text/luthiea/compressed/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/copyable_text/luthiea/compressed/p3.png
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ad9bf80ea8085bdf5760c2dd9a6404904f5d514648cd42998f8bc241ecaa8b29

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=D8TzVA==, md5=ofygocUqaYI04E7yVp0Luw==
etag
"a1fca0a1c52a698234e04ef2569d0bbb"
age
0
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6900
date
Tue, 12 Nov 2024 08:49:48 GMT
last-modified
Fri, 23 Aug 2024 08:20:38 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY2qRngwzSSMPNrGSl-LKYBG6aJzD9izAIhP1NRl_WAoEnvFVc1YeBiwIROZY5ca049aR1uyoUARSw
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1724401238331535
content-length
6900
server
UploadServer
p4.png
cdn-gpd.x-plarium.com/browser/content/lps/copyable_text/luthiea/compressed/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/copyable_text/luthiea/compressed/p4.png
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2fc476fa1311607435501409ac011dcfc57c2a5294bd8026b10a4c7113171a5e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=f90zFg==, md5=mMGLykFlJ95Hgs7iDQ6oGQ==
etag
"98c18bca416527de4782cee20d0ea819"
age
1085
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6959
date
Tue, 12 Nov 2024 08:31:43 GMT
last-modified
Fri, 23 Aug 2024 08:20:38 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY1TC32U_6FADbg_XgLUZBySQg0XB0tpW2EuSk3UnnmkABiauIE5dsd7ZhmsSdQcdQOFaA
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1724401238373063
content-length
6959
server
UploadServer
copy.svg
cdn-gpd.x-plarium.com/browser/content/lps/copyable_text/luthiea/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/copyable_text/luthiea/copy.svg
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a3c6209863894f0d69b4f97d5de8eacbeca7438ba991341cac6abbf9c1116ab0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=PY3lSw==, md5=i1BkL9N5xewR4ykGmhKqpA==
content-encoding
br
age
3141
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
2921
date
Tue, 12 Nov 2024 07:57:27 GMT
last-modified
Fri, 23 Aug 2024 12:45:22 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0aBU91Mr8XLeAV4dEDJuX521bnWpC2Dbh2wv5i-b4yY2fvDo835R3T8Eg_NV2ShnHEJY3CmCL5Gw
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1724417122937259
content-length
1194
server
UploadServer
2179571662182360
connect.facebook.net/signals/config/ 		25 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2179571662182360?v=2.9.176&r=stable&domain=lps.plarium.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
369f54e3e7c21ae236361d0e646d79d088ceb7b330979a226677cdc3d679f8df
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-CDNUcJ21' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-CDNUcJ21' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=87, mss=1232, tbw=85425, tp=82, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
4HiVxz92/Evrf62z1L339o1C6fNCq70i9TfbPRrdagGpOAErg6T4pofk4EpG1hkkjCcdyHtMv+/v78uhZU0I3g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
3119
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=416824283745742&ev=PageView&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&rl=&if=false&ts=1731401388632&sw=1600&sh=1200&ud[external_id]=fecefa0de8ee732ac73c98c5117b488e28ce06ea90438ef57b2d3796c999c230&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731401388631.836109581626585295&ler=empty&cdl=API_unavailable&it=1731401388549&coo=false&rqm=GET
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4505, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=416824283745742&ev=PageView&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&rl=&if=false&ts=1731401388632&sw=1600&sh=1200&ud[external_id]=fecefa0de8ee732ac73c98c5117b488e28ce06ea90438ef57b2d3796c999c230&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731401388631.836109581626585295&ler=empty&cdl=API_unavailable&it=1731401388549&coo=false&rqm=FGET
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
br
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436312338026381205"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
8sCdaYScyjAzBnxb16PqAwZiD+baPxVzOWr9ujKaQUruUNGBpEipY3auovdy5F4olAzxYREGyISt+HFD79VQnQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436312338026381205", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=24, mss=1232, tbw=5705, tp=25, tpl=0, uplat=159, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
dark_gift_icon.png
cdn-gpd.x-plarium.com/browser/content/lps/copyable_text/luthiea/ 		487 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-gpd.x-plarium.com/browser/content/lps/copyable_text/luthiea/dark_gift_icon.png
Requested by
Host: landings-frontend.plarium.com
URL: https://landings-frontend.plarium.com/v3.3.0/4325.css?v=fcfbd0d356bbbf41499a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ec304c2a4fe55ccd9d8d6292125f9e858de9330d18b821e1dc3071dea3917b33

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://landings-frontend.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=a+wUHg==, md5=5Uu66HnRzQWMD4SBHn/WYg==
etag
"e54bbae879d1cd058c0f84811e7fd662"
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
487
date
Tue, 12 Nov 2024 08:49:48 GMT
last-modified
Fri, 23 Aug 2024 14:50:17 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY0lmR2_kWqOY6sOwKpiHhGfKK_FrKOaRKvfd_xjD-EophrSJF_G-Ge25tdsBBuItlSMkDsnW2aSbg
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1724424617408230
content-length
487
server
UploadServer
0
bat.bing.net/actionp/ 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.net/actionp/0?ti=211022857&Ver=2&mid=f7611e13-d426-4614-ab78-5fe62d551717&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 557BF83C637B4A3C8A9C1C97DE35DB02 Ref B: FRAEDGE1511 Ref C: 2024-11-12T08:49:48Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 12 Nov 2024 08:49:48 GMT
0
bat.bing.net/action/ 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.net/action/0?ti=211022857&Ver=2&mid=f7611e13-d426-4614-ab78-5fe62d551717&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=RAID%3A%20Shadow%20Legends&p=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&r=&lt=651&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=39828
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6D21A5CFFAD54D56A62DF6949A59783D Ref B: FRAEDGE1511 Ref C: 2024-11-12T08:49:48Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 12 Nov 2024 08:49:48 GMT
401648841618773
connect.facebook.net/signals/config/ 		25 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/401648841618773?v=2.9.176&r=stable&domain=lps.plarium.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66878b48b7806b6689ba1aa763c6f621f34b11d316a48b357e11b0c2c331c9de
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Dt2jCSSg' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Dt2jCSSg' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=90, mss=1232, tbw=89377, tp=87, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
6avoh3TzOm7RDpvqZ+hlvBzqmxcH/VCc9J4oDqnmHvbQshl0clpJe9G5IBeUBcDWC567AsZIOgGSeFmfWAOHtA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
3094
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2179571662182360&ev=PageView&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&rl=&if=false&ts=1731401388656&sw=1600&sh=1200&ud[external_id]=fecefa0de8ee732ac73c98c5117b488e28ce06ea90438ef57b2d3796c999c230&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731401388631.836109581626585295&ler=empty&cdl=API_unavailable&it=1731401388549&coo=false&rqm=GET
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4921, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2179571662182360&ev=PageView&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&rl=&if=false&ts=1731401388656&sw=1600&sh=1200&ud[external_id]=fecefa0de8ee732ac73c98c5117b488e28ce06ea90438ef57b2d3796c999c230&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731401388631.836109581626585295&ler=empty&cdl=API_unavailable&it=1731401388549&coo=false&rqm=FGET
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
br
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436312339014886641"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
nBqPFxxJckqBAekuPbJjXFcnB186NlfHE9SPBRDrMwemJyk/ew9mYiRAriBgIYJqZw2ubENi71LCzwIVWGvtGA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436312339014886641", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=26, mss=1232, tbw=8441, tp=28, tpl=0, uplat=153, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
1177151199805353
connect.facebook.net/signals/config/ 		26 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1177151199805353?v=2.9.176&r=stable&domain=lps.plarium.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b501eb45bc9c7edb7bf7e23febfb7ecf42d3cf96c04389a7b102f1a9bc31cb52
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-zP92jdP9' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-zP92jdP9' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=92, mss=1232, tbw=93297, tp=92, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
ZW0jXobLyNMkeT4wBVgJA6ZKhJCTZbEDDAVDuZ8oppNufEJwZby7RXzjLz/fnXCWsvOtAvyrZPTIfVR7rIollg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
3170
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=401648841618773&ev=PageView&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&rl=&if=false&ts=1731401388673&sw=1600&sh=1200&ud[external_id]=fecefa0de8ee732ac73c98c5117b488e28ce06ea90438ef57b2d3796c999c230&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731401388631.836109581626585295&ler=empty&cdl=API_unavailable&it=1731401388549&coo=false&rqm=GET
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=24, mss=1232, tbw=5177, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=401648841618773&ev=PageView&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&rl=&if=false&ts=1731401388673&sw=1600&sh=1200&ud[external_id]=fecefa0de8ee732ac73c98c5117b488e28ce06ea90438ef57b2d3796c999c230&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731401388631.836109581626585295&ler=empty&cdl=API_unavailable&it=1731401388549&coo=false&rqm=FGET
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
br
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436312337823382512"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x10e1ecd8c509aae6","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["6792106457532817"]},"debug_reporting":true,"debug_key":"1704978655750314717"}
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
DZCtqQ8DLeJb+8w2bgE2loqkeQKIkdfsNe8kpzx+AhQyU6MPwX1XR1C31PEj3eBIXEdQnZ3KZlZATnzea72XLw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436312337823382512", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=27, mss=1232, tbw=9321, tp=29, tpl=0, uplat=157, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.google.de/pagead/1p-conversion/11039079270/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11039079270/?random=111717026&cv=11&fst=1731401388583&bg=ffffff&guid=ON&async=1&gtm=45be4b70z879175763za201zb79175763&gcd=13l3l3l2l1...
  • https://www.google.com/pagead/1p-conversion/11039079270/?random=111717026&cv=11&fst=1731401388583&bg=ffffff&guid=ON&async=1&gtm=45be4b70z879175763za201zb79175763&gcd=13l3l3l2l1l1&dma_cps=syphamo&dm...
  • https://www.google.de/pagead/1p-conversion/11039079270/?random=111717026&cv=11&fst=1731401388583&bg=ffffff&guid=ON&async=1&gtm=45be4b70z879175763za201zb79175763&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/11039079270/?random=111717026&cv=11&fst=1731401388583&bg=ffffff&guid=ON&async=1&gtm=45be4b70z879175763za201zb79175763&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&label=5fcsCOHQvI8ZEOb2648p&hn=www.googleadservices.com&frm=0&tiba=RAID%3A%20Shadow%20Legends&value=0&npa=1&pscdl=noapi&auid=1249539189.1731401388&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=m&fdr=CA&capi=1&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQII08WxAkondHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZSwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMItMjw5bTWiQMV2ukRCB2JYCRuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL2xwcy5wbGFyaXVtLmNvbS9CV0NoQUlnSmJNdVFZUXVNYThxSkxRenUwNkVpMEE1OXVXdFVXbk5KMVdSU2I0N1BTV25FMHhtMlZka0FNbDJ0ZXVJcGl5eXZUSVpxdXdsQlBxS0l0WjJrZw&is_vtc=1&cid=CAQSGwCa7L7dBYi_BSTfvMJvRbS8sScAIUSsvqDIwA&eitems=ChAIgJbMuQYQtYvypYbE3McfEh0AEe5uBFwtveqN--U3PNNEITaJxKqXEK_XVBdwIg&random=1570730180&ipr=y
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 12 Nov 2024 08:49:48 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/11039079270/?random=111717026&cv=11&fst=1731401388583&bg=ffffff&guid=ON&async=1&gtm=45be4b70z879175763za201zb79175763&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&label=5fcsCOHQvI8ZEOb2648p&hn=www.googleadservices.com&frm=0&tiba=RAID%3A%20Shadow%20Legends&value=0&npa=1&pscdl=noapi&auid=1249539189.1731401388&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=m&fdr=CA&capi=1&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQII08WxAkondHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZSwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMItMjw5bTWiQMV2ukRCB2JYCRuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL2xwcy5wbGFyaXVtLmNvbS9CV0NoQUlnSmJNdVFZUXVNYThxSkxRenUwNkVpMEE1OXVXdFVXbk5KMVdSU2I0N1BTV25FMHhtMlZka0FNbDJ0ZXVJcGl5eXZUSVpxdXdsQlBxS0l0WjJrZw&is_vtc=1&cid=CAQSGwCa7L7dBYi_BSTfvMJvRbS8sScAIUSsvqDIwA&eitems=ChAIgJbMuQYQtYvypYbE3McfEh0AEe5uBFwtveqN--U3PNNEITaJxKqXEK_XVBdwIg&random=1570730180&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 12 Nov 2024 08:49:48 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1177151199805353&ev=PageView&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&rl=&if=false&ts=1731401388693&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731401388631.836109581626585295&ler=empty&cdl=API_unavailable&it=1731401388549&coo=false&rqm=GET
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=24, mss=1232, tbw=5465, tp=22, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1177151199805353&ev=PageView&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&rl=&if=false&ts=1731401388693&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731401388631.836109581626585295&ler=empty&cdl=API_unavailable&it=1731401388549&coo=false&rqm=FGET
Requested by
Host: lps.plarium.com
URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
br
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436312339674294420"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
Q8I+osnJNmz29wFoQfbPaNuRgWqRuRGlqtEPH8mrZrahatJW3xNuipjk/3cHEvwBwZZfCvEpKsC3w9hHV3m9Pg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436312339674294420", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=27, mss=1232, tbw=10457, tp=30, tpl=0, uplat=161, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
events
logx.optimizely.com/v1/ 		0
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/26945080260.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.241.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://lps.plarium.com/

Response headers

x-request-id
d5dafa2f-1eaf-4cd5-acf1-97785d365c06
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
via
1.1 google
access-control-allow-origin
https://lps.plarium.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
text/plain
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
1369735443387425
connect.facebook.net/signals/config/ 		26 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1369735443387425?v=2.9.176&r=stable&domain=lps.plarium.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de32d2f5a9d60ab5a65cc4d40a584e59386d4d06c7d51aab4f8740595dfc0abf
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-aEZ8Zl3d' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-aEZ8Zl3d' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=92, mss=1232, tbw=97441, tp=99, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
+TL/J/gU5pjKw+xUI01egFAPuJyqtvHAj/Ae/1R53RbWOVAzehAPChgTPdkvG6QcN397ipmmgrMeF/tJ13sYJA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
3169
x-xss-protection
0
origin-agent-cluster
?1
favicon-32x32.png
cdn-gpd.x-plarium.com/browser/content/portal/common/favicon/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn-gpd.x-plarium.com/browser/content/portal/common/favicon/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:75c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ccba693f48bab745d5ec763e917000b42cfa4650ef087a59ec5cb1df086de808

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=mWKw+A==, md5=tHnOya1bJUR06th5pOalGg==
etag
"b479cec9ad5b254474ead879a4e6a51a"
age
1467
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1882
date
Tue, 12 Nov 2024 08:25:21 GMT
last-modified
Tue, 30 Jan 2024 16:34:44 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY2c1aVQIV0U8Ih0PL8ohjwV0RnZMDEB1MlEm1FecIWwXE_lih7Y4A8kZUPHmDetV0rwgIs
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1706632484741203
content-length
1882
content-language
en
server
UploadServer
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1369735443387425&ev=PageView&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&rl=&if=false&ts=1731401388885&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731401388631.836109581626585295&ler=empty&cdl=API_unavailable&it=1731401388549&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=29, mss=1232, tbw=11433, tp=33, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1369735443387425&ev=PageView&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&rl=&if=false&ts=1731401388885&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731401388631.836109581626585295&ler=empty&cdl=API_unavailable&it=1731401388549&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

content-encoding
br
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436312339744336756"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 08:49:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
AUoSb0+fEVKHbYwpdGMpeWJlLPZoFcB3olzs4N7vItBbl/LbMHCmgttsTKWEpYRf3YuwRbGkJsLtNEeiUjH4oA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436312339744336756", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=29, mss=1232, tbw=11673, tp=36, tpl=0, uplat=27, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
events
logx.optimizely.com/v1/ 		0
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/26945080260.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.241.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://lps.plarium.com/

Response headers

x-request-id
d1e0fb77-4680-4245-a351-cc8b30a920e9
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
via
1.1 google
access-control-allow-origin
https://lps.plarium.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 08:49:49 GMT
content-type
text/plain
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
unip
trc-events.taboola.com/1153814/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1153814/log/3/unip?en=pre_d_eng_tb&tos=1566&scd=0&ssd=1&est=1731401388560&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1731401390127&vi=1731401388556&ri=25540b5b8138e7ae3a5e9e76683106c9&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1153814/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://lps.plarium.com/

Response headers

access-control-allow-origin
https://lps.plarium.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 12 Nov 2024 08:49:50 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1153814/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1153814/log/3/unip?en=pre_d_eng_tb&tos=1566&scd=0&ssd=1&est=1731401388560&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1731401390127&vi=1731401388556&ri=25540b5b8138e7ae3a5e9e76683106c9&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://lps.plarium.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://lps.plarium.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 12 Nov 2024 08:49:50 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1153814/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1153814/log/3/unip?en=pre_d_eng_tb&tos=4580&scd=0&ssd=1&est=1731401388560&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1731401393141&vi=1731401388556&ri=25540b5b8138e7ae3a5e9e76683106c9&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1153814/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://lps.plarium.com/

Response headers

access-control-allow-origin
https://lps.plarium.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 12 Nov 2024 08:49:53 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1153814/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1153814/log/3/unip?en=pre_d_eng_tb&tos=4580&scd=0&ssd=1&est=1731401388560&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1731401393141&vi=1731401388556&ri=25540b5b8138e7ae3a5e9e76683106c9&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://lps.plarium.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://lps.plarium.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 12 Nov 2024 08:49:53 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
collect
region1.analytics.google.com/g/ 		0
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5FNDF9DMY8&gtm=45je4b70v876196366za200zb79175763&_p=1731401387699&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&cid=2141961708.1731401388&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731401388&sct=1&seg=0&dl=https%3A%2F%2Flps.plarium.com%2Fde%2Fdesktop%2Fraid%2Frdo%2Fmedia%2Fconditional_promocode_f092_jt3184%3Fplid%3D1549325%26pxl%3Dppl_-_cpi%26clickId%3D880123804347798220%26img%3D%7Bkey%7D%26placement%3D%7Bplacement%7D%26publisherId%3D6118780&dt=RAID%3A%20Shadow%20Legends&en=scroll&epn.time_stamp=1731401388498&ep.system_architecture=x64&ep.gtm_custom_event_trigger=gtm.scrollDepth&ep.emitter=GTM&ep.pxl=ppl_-_cpi&ep.environment=prod&epn.percent_scrolled=90&_et=50&tfd=6443
Requested by
Host: datadome.plarium.com
URL: https://datadome.plarium.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://lps.plarium.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://lps.plarium.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 08:49:53 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lps.plarium.com
URL
blob:https://lps.plarium.com/c108f68a-cf33-49fd-af5e-0c72d3e7140d

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| CloudflareApps object| optimizely function| _getOriginalIdFromCookie string| _plariumOriginalId object| dataLayer string| ddjskey object| ddoptions object| config object| PLP boolean| dataDomeProcessed object| dataDomeOptions object| __LOADABLE_LOADED_CHUNKS__ function| setImmediate function| clearImmediate object| regeneratorRuntime object| qa object| platform function| gReCaptchaHandler function| handleCriteoCookie object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| _tfa function| obApi object| uetq function| onYouTubeIframeAPIReady object| gaGlobal function| apiObj function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_deaee84b1a object| obBundle

20 Cookies

Domain/Path Name / Value
goobakocaup.com/ Name: OAID
Value: 008112c8c1ea4979f8fc25469e9848ea
goobakocaup.com/ Name: oaidts
Value: 1731401386
my.rtmark.net/ Name: ID
Value: 008112c8c1ea4979f8fc25469e9848ea
goobakocaup.com/ Name: syncedCookie
Value: true
goobakocaup.com/ Name: captcha
Value: system
.plarium.com/ Name: or_id.v1
Value: oid6629225443.1731401387
lps.plarium.com/ Name: a_uid
Value: e3a43c37-1fc8-4a60-bed5-574e902f1f6d
.plarium.com/ Name: flp.v2
Value: https%253a%252f%252flps.plarium.com%252fde%252fdesktop%252fraid%252frdo%252fmedia%252fconditional_promocode_f092_jt3184
.plarium.com/ Name: gu.v2
Value: %7B%22q%22%3A%22%253fplid%253d1549325%2526pxl%253dppl_-_cpi%2526clickId%253d880123804347798220%2526img%253d%257bkey%257d%2526placement%253d%257bplacement%257d%2526publisherId%253d6118780%22%2C%22lp%22%3A%22https%253a%252f%252flps.plarium.com%252fde%252fdesktop%252fraid%252frdo%252fmedia%252fconditional_promocode_f092_jt3184%25253fplid%25253d1549325%252526pxl%25253dppl_-_cpi%252526clickId%25253d880123804347798220%252526img%25253d%25257bkey%25257d%252526placement%25253d%25257bplacement%25257d%252526publisherId%25253d6118780%22%2C%22rt%22%3A%22Landings%22%2C%22r%22%3A%22%22%2C%22t%22%3A1731402287%2C%22i%22%3A0%7D
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 33ac786d-8725-467d-9472-8636953dfd1f
.criteo.com/ Name: cto_bundle
Value: U72S819zJTJCSkJrJTJGUkVGYTROdDQlMkYySmFMU01wVjFNNUNZbUk0ZTEwT1pRckNzQUhKJTJGb0MyV2dmUGNSaWJSeU5TZUUzd2hqNDQ3dFNuUmZKWXczS3gyZXhqOWNzZHF3NVZFOEVsUGljMXolMkYwWGFEeTlqZXU2SHNOWkFTRDRLb0NNRThvUWdDRE9OU1dEWjIzcHM0WmtKWGNEbnp3JTNEJTNE
.plarium.com/ Name: _gcl_au
Value: 1.1.1249539189.1731401388
.plarium.com/ Name: datadome
Value: F_4Qo~YDxcuGYfYMtXjIji9l3Qe4IlPxwqNaFF3Cj8uuUjeuIL4RB0ziMphiUElUeYtH4bhUkJY8yqRl1Ue~H5EDifgFgS88jIg2ro7hzATjkPz5ADJwj7unFVFG0sqg
lps.plarium.com/ Name: crto_g_id
Value: bCl3F8se1ljwiOewoRQLDOnRHMrAZfEl
.plarium.com/ Name: _ga
Value: GA1.1.2141961708.1731401388
.plarium.com/ Name: _ga_5FNDF9DMY8
Value: GS1.1.1731401388.1.0.1731401388.60.0.0
.plarium.com/ Name: _fbp
Value: fb.1.1731401388631.836109581626585295
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
lps.plarium.com/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1731401388865%7D

5 Console Messages

Source Level URL
Text
rendering warning URL: https://goobakocaup.com/4/4113315
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0603B0A14240000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://goobakocaup.com/4/4113315
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A040100414240000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0603B0A14240000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://goobakocaup.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0903B0A14240000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://lps.plarium.com/de/desktop/raid/rdo/media/conditional_promocode_f092_jt3184?plid=1549325&pxl=ppl_-_cpi&clickId=880123804347798220&img={key}&placement={placement}&publisherId=6118780
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0603B0A14240000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a26310650654.cdn.optimizely.com
amplify.outbrain.com
bat.bing.com
bat.bing.net
cdn-gpd.x-plarium.com
cdn.optimizely.com
cdn.taboola.com
cdn3.optimizely.com
collector.plarium.com
connect.facebook.net
datadome.plarium.com
goobakocaup.com
googleads.g.doubleclick.net
gum.criteo.com
landings-frontend.plarium.com
logx.optimizely.com
lps.plarium.com
my.rtmark.net
notube.net
psb.taboola.com
region1.analytics.google.com
stats.g.doubleclick.net
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
wave.outbrain.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
lps.plarium.com
104.18.23.222
13.32.121.42
141.226.228.48
142.250.184.194
151.101.129.44
151.101.65.44
172.64.152.14
184.28.89.148
2001:4860:4802:34::36
2600:1901:0:75c::
2606:4700:21::681b:cd57
2606:4700::6812:4139
2606:4700::6812:4239
2606:4700::6812:efd
2620:1ec:33::10
2620:1ec:c11::237
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::9d
2a02:2638:3::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
34.31.194.150
34.49.241.189
70.42.32.223
033d3b7da96afd598d27d44837967c1f0b1a207d2fad62ecf3d029088c24882f
08e96380d582634de3429acd7d88c9392b714d0273bf62d2004f76952777e9f7
0e3af338b2dab54b1818a24f5a21c89a1b0451f18d3e7f9b4d7061933a74fff3
0ee1e34bf884d4006850b4a33ec0847a5c080ce0039724a628a1c05f0c369852
15d659692f1d42ddda8524c6469067888a07082430dadbd7a58f45737b3e138b
16771956ab4b28e90f41937cc428b2e865546c341d2dcf515207aeba3ca11e48
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1fc671898ad010ba690b89d83f8c813088990a6018b21818096387fe4a2c8e67
28309ab4af7d87de17a67e7d0c701a5a9953218f1ccdf2c8ed11a9670442fc8f
28b625eb0f3056a0e546573050d2316a02edcab4a9c69210bc33a02db6495979
2fc476fa1311607435501409ac011dcfc57c2a5294bd8026b10a4c7113171a5e
3392d6f19e5f0fa6ea9414995679e168c4b4fdebb25d9d6b5a103b557a6319e3
36512d56e3b8ab2c212b3fe9ee3bd145f4b9c4d41f6621314611997879da686e
369f54e3e7c21ae236361d0e646d79d088ceb7b330979a226677cdc3d679f8df
36e8c6fc222e7a2ce65b7a508428fa16e89212815ac836a91f98d6ef0105cc28
392783507b51cf280163f3ac399a78673f99090c5add0e5f9703fa34673236b4
3f5ac77289625c315f20875e7eceb91c388dc147efa7249158b3f774770af61f
427b218837ee71e6b8bca35dbd6dc55b2a9250202fc122ea39d4130ebc6d405f
432b3e51fbda3ed7d38b5d07ccc1ca26ca46e9491b5a6f7741971c7c760011d5
44b5896f4a4360bc08c70cf6e5890aa872e50f9d65d0597013c8565752277a82
44e2c42df34b1029bff5762f2d9c0c7dc5b4268b965d70d4cc2cb66dafc52423
4811006ae6567558ab5cdb3d1e409dacd4b0fab2f134b746e7607446a91d2502
4c35ac3c5179cda0de8831ebbda65aec2d866b4376735afaa9cd42aed5a920e4
4da2526e914f504ff9a65d577a5f350da146ee490da17856f1670b2fb2f24915
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9d61d8cdd1c800cd68cb38a42fd9a5304aefadd2ad92d38a13ec101a3f89
5030810c6717956e14836908751238de30594782a6e9f5a69e9f5f0eac999a48
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ec6da069102a1ea754cfac542b4f8cddb8cfdb96b500864a746b22468caf928
657281eabf7e715e785a7fc2e454587e91749546f0f300b74f5db155e32b8a05
66878b48b7806b6689ba1aa763c6f621f34b11d316a48b357e11b0c2c331c9de
68ad50f79291823a7dc580ff41d3be8263161249dd2050224bbeeb863ff4e5e8
6ba29d42912350d3e3bd002c4eabb0f9a1ea26be5b0de2cca4408221e4cdb167
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
72a1596669a5da54eea48cbc11f6ddbe0f4c7fbdd54fd8b7c82aeefd06fba842
76c5a676cabda9672c4bf77dceeb8757122dd7145fee3c231f6b5dd005a11cef
793b47c0a9211cc7ec109004fafe072ca11756c0098307e47fbe047895b34647
81e8c5190861c7d400a7d47ed98cca80c341ec0289ae06bca892bf57f52867fe
8a423638074d18d2700a9165325b0b13165c755b461763eb2ea07ae64f135519
8d6c66b44d829b14e6e44e0b5c5b3ef51f7ceae37b31229c4d2b7f2ed7e757de
8eec6933410072a976a26f3efb249fb5e4ffd1b79ffd02e9f00dbf2eee4b3cc6
91c0407b64e8c4036bf2e884c92cfbdf56a9bfd880fddf38806b5f5de1b8af34
a3c6209863894f0d69b4f97d5de8eacbeca7438ba991341cac6abbf9c1116ab0
a7bf1f115e60e0c8f3b335df66d4d77baaae4eb11d2cea2cf7c5b4693403a46f
a8366eefdf695eede0682219d541f6192c1c636ae589e35358f182ea46e66a3f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ad9bf80ea8085bdf5760c2dd9a6404904f5d514648cd42998f8bc241ecaa8b29
b501eb45bc9c7edb7bf7e23febfb7ecf42d3cf96c04389a7b102f1a9bc31cb52
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b566572f341090a48c8e9d750626f7b1799b438ba34f31ec6eea5c645081a2f5
b66456a5e42a3bdbda7b872ce8570258b65f51ef3eed9353bcbd66befcd947f3
bf2d4a32857fd80cda7e31ee1587b04ebef223dc4d6343390d59fdf2b3d37bf7
c6e393ed9e8766df188fe627a776d33bfd9dd150c83c550dffa04c916bc7a657
ccba693f48bab745d5ec763e917000b42cfa4650ef087a59ec5cb1df086de808
ccf4818dce5e0230c9347141a983abc5bc2f116e99b80f1ff15ffab52e666de6
cfbbb0acc6ec5dfbd62ee8dbc087f5cad06568915534dfbf4125f6533a2cd7c2
d4aef9bed55602376f4e4d63fffb47c337df4e98c872fbe42ad48829b5fefeec
d6178236fc3a9f809665c6b75b350eac4c5ef238bdf7c120304343df34260d37
d969be4af444ec4b9b9c2cdea82ee45768b1caf279824ff0de416c2763e5200d
db2adc25886b6b7a248e20e24e4035515a873a2515fdb3873c1d8433742c6ad7
de32d2f5a9d60ab5a65cc4d40a584e59386d4d06c7d51aab4f8740595dfc0abf
e248a90de0da4ca74e9238c6f784675a11e4d86ff9addee9f0878fe8be0cf0f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e74156c28f461634788d92b48e5a6e53207cb029f06b58ae802a244fa7a61e08
eb95fc12eeaff48083ed28548af7f6038fb12755b9d6e3f53ab3f09fdfd1cb3a
ec304c2a4fe55ccd9d8d6292125f9e858de9330d18b821e1dc3071dea3917b33
ee475bbec47bd650f27d0ddb64a87e98eb9f9727458c7b302e1351fedb8794d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6190ab39732df2356d90233db1f103ac87b5d018a5c1816ce96c90ae431b4c9
f76bcf5ed9ce17975c95265a4a56ea171b80d6530564b86936ab1da6bdccfd3b
fbca1568c571705cf15452438611fd9e0adaeab47886e227d49a22ec609df831
fd9f1f0c5416a8a8cbb3a245825d7741133b95a833264a265f43fd94527cc4f0
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7