urlscan.io logo urlscan.io
SecurityTrails logo

plarium.com Open in urlscan Pro
104.16.20.18  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://oldharper.xyz/
Effective URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publishe...
Submission Tags: falconsandbox
Submission: On February 19 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 7 countries across 34 domains to perform 111 HTTP transactions. The main IP is 104.16.20.18, located in United States and belongs to CLOUDFLARENET, US. The main domain is plarium.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 5th 2020. Valid for: 2 years.
This is the only time plarium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 138.68.113.179 14061 (DIGITALOC...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 78.140.179.119 35415 (WEBZILLA)
1 1 88.85.84.113 35415 (WEBZILLA)
1 1 212.224.118.36 44066 (DE-FIRSTC...)
4 104.16.20.18 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
24 2606:2800:134... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:211... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 23.218.209.87 16625 (AKAMAI-AS)
1 151.101.13.44 54113 (FASTLY)
1 65.9.91.228 16509 (AMAZON-02)
1 207.182.134.18 10297 (ENET-2)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 151.101.113.140 54113 (FASTLY)
1 4 2a02:6b8::1:119 13238 (YANDEX)
1 35.201.112.186 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 70.42.32.95 13789 (INTERNAP-...)
1 2 142.250.185.134 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 184.72.189.105 14618 (AMAZON-AES)
1 13.32.23.6 16509 (AMAZON-02)
1 35.186.194.58 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 45.33.24.119 63949 (LINODE-AP...)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.16.21.18 13335 (CLOUDFLAR...)
1 69.16.175.10 20446 (HIGHWINDS3)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f11... 32934 (FACEBOOK)
111 42
8    2606:4700:3036::6815:32f4 (United States)

ASN13335 (CLOUDFLARENET, US)
oldharper.xyz
1    2606:4700:3035::ac43:941d (United States)

ASN13335 (CLOUDFLARENET, US)
faysimplefa.xyz
1    2606:4700:3034::6815:bec (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.trade
4    138.68.113.179 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
warning.notify.support
2    2606:4700:3034::ac43:ab58 (United States)

ASN13335 (CLOUDFLARENET, US)
stattrack.xyz
1    78.140.179.119 (Netherlands)

ASN35415 (WEBZILLA, NL)
hifucay.ru
1    88.85.84.113 (Netherlands)

ASN35415 (WEBZILLA, NL)
rubird.ru
1    212.224.118.36 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde49-3.fornex.org
ad.admitad.com
4    104.16.20.18 (United States)

ASN13335 (CLOUDFLARENET, US)
plarium.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
24    2606:2800:134:f5b:5e9:1832:1d32:106a (United States)

ASN15133 (EDGECAST, US)
cdn01.x-plarium.com
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:211e:d600:1c:19e4:1d00:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.queit.in
2    2606:4700::6813:ad44 (United States)

ASN13335 (CLOUDFLARENET, US)
static.x-plarium.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
5    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
1    23.218.209.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-87.deploy.static.akamaitechnologies.com
amplify.outbrain.com
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
1    65.9.91.228 (United States)

ASN16509 (AMAZON-02, US)
d2xerlamkztbb1.cloudfront.net
1    207.182.134.18 (United States)

ASN10297 (ENET-2, US)
PTR: 207-182-134-18.xlhdns.com
mbi-fchk.x-plarium.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.redditstatic.com
alb.reddit.com
4    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
1    35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
tr.outbrain.com
2    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
9360814.fls.doubleclick.net
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    184.72.189.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
default.queit.in
1    13.32.23.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-6.fra56.r.cloudfront.net
d221oziut8gs4d.cloudfront.net
1    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rs.fullstory.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    45.33.24.119 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: f1.placeholder.com
placehold.it
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
adservice.google.de
2    104.16.21.18 (United States)

ASN13335 (CLOUDFLARENET, US)
collector.plarium.com
1    69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
www.swixil.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
27 x-plarium.com
cdn01.x-plarium.com
static.x-plarium.com
mbi-fchk.x-plarium.com Failed
7 MB
8 oldharper.xyz
oldharper.xyz
70 KB
6 plarium.com
plarium.com
collector.plarium.com
49 KB
5 google-analytics.com
www.google-analytics.com
37 KB
4 yandex.ru
mc.yandex.ru
45 KB
4 doubleclick.net
stats.g.doubleclick.net
9360814.fls.doubleclick.net
2 KB
4 google.com
analytics.google.com
www.google.com
adservice.google.com
1 KB
4 crazyegg.com
script.crazyegg.com
112 KB
4 queit.in
static.queit.in
default.queit.in Failed
171 KB
4 googletagmanager.com
www.googletagmanager.com
224 KB
4 notify.support
warning.notify.support
6 KB
3 outbrain.com
amplify.outbrain.com
tr.outbrain.com
4 KB
2 facebook.net
connect.facebook.net
26 KB
2 criteo.com
gum.criteo.com
776 B
2 fullstory.com
edge.fullstory.com
rs.fullstory.com
61 KB
2 cloudfront.net
d2xerlamkztbb1.cloudfront.net
d221oziut8gs4d.cloudfront.net
2 KB
2 yimg.com
s.yimg.com
7 KB
2 google.de
www.google.de Failed
adservice.google.de
390 B
2 bing.com
bat.bing.com Failed
9 KB
2 googleapis.com
fonts.googleapis.com
1 KB
2 googleoptimize.com
www.googleoptimize.com
83 KB
2 stattrack.xyz
stattrack.xyz
1 facebook.com
www.facebook.com
260 B
1 swixil.com
www.swixil.com
871 B
1 placehold.it
placehold.it
1 reddit.com
alb.reddit.com
125 B
1 taboola.com
cdn.taboola.com
22 KB
1 redditstatic.com
www.redditstatic.com Failed
6 KB
1 admitad.com
ad.admitad.com
556 B
1 rubird.ru
rubird.ru Failed
386 B
1 hifucay.ru
hifucay.ru
17 KB
1 rtb.trade
rtb.trade
1 KB
1 faysimplefa.xyz
faysimplefa.xyz
855 B
0 Failed
function sub() { [native code] }. Failed
111 34
Domain Requested by
24 cdn01.x-plarium.com plarium.com
cdn01.x-plarium.com
8 oldharper.xyz 1 redirects oldharper.xyz
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 mc.yandex.ru 1 redirects oldharper.xyz
plarium.com
4 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
4 www.googletagmanager.com plarium.com
www.googletagmanager.com
4 plarium.com oldharper.xyz
www.googleoptimize.com
4 warning.notify.support oldharper.xyz
warning.notify.support
2 connect.facebook.net www.swixil.com
connect.facebook.net
2 collector.plarium.com oldharper.xyz
2 gum.criteo.com 1 redirects plarium.com
2 9360814.fls.doubleclick.net 1 redirects oldharper.xyz
2 tr.outbrain.com amplify.outbrain.com
plarium.com
2 s.yimg.com plarium.com
s.yimg.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 default.queit.in static.queit.in
2 bat.bing.com www.googletagmanager.com
plarium.com
2 fonts.googleapis.com cdn01.x-plarium.com
2 static.x-plarium.com plarium.com
2 static.queit.in plarium.com
2 www.googleoptimize.com plarium.com
2 stattrack.xyz oldharper.xyz
1 www.facebook.com www.swixil.com
1 www.swixil.com oldharper.xyz
1 adservice.google.de adservice.google.com
1 adservice.google.com 9360814.fls.doubleclick.net
1 placehold.it plarium.com
1 rs.fullstory.com edge.fullstory.com
1 d221oziut8gs4d.cloudfront.net d2xerlamkztbb1.cloudfront.net
1 www.google.com plarium.com
1 alb.reddit.com plarium.com
1 edge.fullstory.com oldharper.xyz
1 d2xerlamkztbb1.cloudfront.net plarium.com
1 cdn.taboola.com plarium.com
1 amplify.outbrain.com plarium.com
1 mbi-fchk.x-plarium.com cdn01.x-plarium.com
1 www.google.de plarium.com
1 www.redditstatic.com www.googletagmanager.com
1 ad.admitad.com 1 redirects
1 rubird.ru warning.notify.support
1 hifucay.ru warning.notify.support
1 rtb.trade oldharper.xyz
1 faysimplefa.xyz 1 redirects
0 mhjfbmdgcfjbbpaeojofohoefgiehjai Failed static.queit.in
111 45

This site contains links to these domains. Also see Links.

Domain
plarium-mobile-support.zendesk.com
company.plarium.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-12-30 -
2021-12-29		 a year crt.sh
notify.support
R3		 2020-12-21 -
2021-03-21		 3 months crt.sh
hifucay.ru
R3		 2021-01-21 -
2021-04-21		 3 months crt.sh
*.plarium.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-05 -
2022-04-05		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.x-plarium.com
DigiCert SHA2 Secure Server CA		 2020-04-10 -
2022-06-17		 2 years crt.sh
queit.in
Amazon		 2020-06-01 -
2021-07-01		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-01-14 -
2021-03-02		 2 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2020-03-09 -
2021-06-08		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-08 -
2021-07-06		 6 months crt.sh
mc.yandex.ru
Yandex CA		 2020-09-29 -
2021-03-11		 5 months crt.sh
edge.fullstory.com
GTS CA 1D2		 2020-12-26 -
2021-03-26		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-08 -
2021-07-06		 6 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.fullstory.com
R3		 2021-01-28 -
2021-04-28		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
placehold.it
R3		 2020-12-29 -
2021-03-29		 3 months crt.sh
swixil.com
R3		 2021-02-17 -
2021-05-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Frame ID: BCCF926072E6C7B639CD693F4F296558
Requests: 97 HTTP requests in this frame

Frame: https://warning.notify.support/helper/index.html
Frame ID: FB046E202D1F84C6664FC543489B2F01
Requests: 3 HTTP requests in this frame

Frame: https://warning.notify.support/helper/index.html
Frame ID: 7ED311757E81B202A45DE0C882A72771
Requests: 3 HTTP requests in this frame

Frame: https://9360814.fls.doubleclick.net/activityi;dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146
Frame ID: 0DE775C4984E9ABB50AFE0C4B7ED2176
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146;~oref=https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2
Frame ID: 4182FF75521CB8B6A2A23B23C4E202A1
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146;~oref=https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2
Frame ID: 3405C7D442F6F3D0370ADDFA93CEDC00
Requests: 1 HTTP requests in this frame

Frame: https://www.swixil.com/?affid=9057&oid=null
Frame ID: 8ABA3534A4624D5DC878B4408C1FD7D0
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://oldharper.xyz/ Page URL
  2. https://oldharper.xyz/ Page URL
  3. https://faysimplefa.xyz/pop2tbMultiimp HTTP 302
    https://oldharper.xyz/?s_id=8606&p=100&tb=pop2tbMultinewrev Page URL
  4. http://oldharper.xyz/r?t=https%3A%2F%2Frubird.ru%2Frtb%2Fclick%2F1613739600000-205519%3FnodeId%3D... HTTP 302
    https://rubird.ru/rtb/click/1613739600000-205519?nodeId=1&id=51836 HTTP 302
    https://ad.admitad.com/g/qugrrl5j6geddf0764d3b029fea5aba7a065a48b/subid/t_raidde_9_null_60166-rprxe HTTP 302
    https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad... Page URL
  5. https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

111
Requests

89 %
HTTPS

57 %
IPv6

34
Domains

45
Subdomains

42
IPs

7
Countries

8567 kB
Transfer

16041 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://oldharper.xyz/ Page URL
  2. https://oldharper.xyz/ Page URL
  3. https://faysimplefa.xyz/pop2tbMultiimp HTTP 302
    https://oldharper.xyz/?s_id=8606&p=100&tb=pop2tbMultinewrev Page URL
  4. http://oldharper.xyz/r?t=https%3A%2F%2Frubird.ru%2Frtb%2Fclick%2F1613739600000-205519%3FnodeId%3D1%26id%3D51836 HTTP 302
    https://rubird.ru/rtb/click/1613739600000-205519?nodeId=1&id=51836 HTTP 302
    https://ad.admitad.com/g/qugrrl5j6geddf0764d3b029fea5aba7a065a48b/subid/t_raidde_9_null_60166-rprxe HTTP 302
    https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2 Page URL
  5. https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://faysimplefa.xyz/pop2tbMultiimp HTTP 302
  • https://oldharper.xyz/?s_id=8606&p=100&tb=pop2tbMultinewrev
Request Chain 16
  • http://oldharper.xyz/r?t=https%3A%2F%2Frubird.ru%2Frtb%2Fclick%2F1613739600000-205519%3FnodeId%3D1%26id%3D51836 HTTP 302
  • https://rubird.ru/rtb/click/1613739600000-205519?nodeId=1&id=51836 HTTP 302
  • https://ad.admitad.com/g/qugrrl5j6geddf0764d3b029fea5aba7a065a48b/subid/t_raidde_9_null_60166-rprxe HTTP 302
  • https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Request Chain 74
  • https://9360814.fls.doubleclick.net/activityi;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146 HTTP 302
  • https://9360814.fls.doubleclick.net/activityi;dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146
Request Chain 85
  • https://gum.criteo.com/sync?a=1&r=2&c=421&j=handleCriteoCookie HTTP 302
  • https://gum.criteo.com/sync?s=1&a=1&r=2&c=421&j=handleCriteoCookie
Request Chain 99
  • https://mc.yandex.ru/watch/22851190?wmode=7&page-url=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&page-ref=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fdragon_fire_a_m_f038_rdoapp%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z33%3Afp%3A437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A1289231842605%3Ahid%3A889418546%3Az%3A60%3Ai%3A20210219144836%3Aet%3A1613742516%3Ac%3A1%3Arn%3A397596067%3Au%3A161374251649579841%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613742514976%3Ads%3A0%2C0%2C282%2C244%2C1%2C0%2C%2C266%2C14%2C%2C%2C%2C554%3Adsn%3A0%2C0%2C282%2C245%2C0%2C0%2C%2C26%2C14%2C%2C%2C%2C554%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613742516%3At%3ARAID%3A%20Shadow%20Legends HTTP 302
  • https://mc.yandex.ru/watch/22851190/1?wmode=7&page-url=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&page-ref=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fdragon_fire_a_m_f038_rdoapp%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z33%3Afp%3A437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A1289231842605%3Ahid%3A889418546%3Az%3A60%3Ai%3A20210219144836%3Aet%3A1613742516%3Ac%3A1%3Arn%3A397596067%3Au%3A161374251649579841%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613742514976%3Ads%3A0%2C0%2C282%2C244%2C1%2C0%2C%2C266%2C14%2C%2C%2C%2C554%3Adsn%3A0%2C0%2C282%2C245%2C0%2C0%2C%2C26%2C14%2C%2C%2C%2C554%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613742516%3At%3ARAID%3A%20Shadow%20Legends

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
oldharper.xyz/ 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://oldharper.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:32f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3468a29e644ee4e58f1d0a4c246cd4b1ce858863fe3a21a9ad7b56161cdc4d47

Request headers

Host
oldharper.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Feb 2021 13:48:29 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d4d989154918e956ed32cc22abd00bdcc1613742509; expires=Sun, 21-Mar-21 13:48:29 GMT; path=/; domain=.oldharper.xyz; HttpOnly; SameSite=Lax
Last-Modified
Thu, 14 Jan 2021 13:35:51 GMT
Referrer-Policy
no-referrer
CF-Cache-Status
DYNAMIC
cf-request-id
085c25a40400004de25f1ed000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RuSUCAsZAadM8Tmlq%2BYbU3eLeUR1nS3be7Dmc2k5rY0MCmALJdQcdMAOTcvplJUc0VtWcSIudpri8xh7f%2BYMkyaLdTasy%2BtgcGYLifdgXexj4PEri8FvwzpI"}],"group":"cf-nel","max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
62407219a8234de2-FRA
Content-Encoding
gzip
index.5d05e12cb894a315af64.js
oldharper.xyz/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://oldharper.xyz/index.5d05e12cb894a315af64.js
Requested by
Host: oldharper.xyz
URL: http://oldharper.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:32f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
869d4c10668a48ce60a0a18e113995e8b118069ac0440464361b465fb5bd4000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Feb 2021 13:48:29 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
9597
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
085c25a41a00004de252958000000001
Referrer-Policy
no-referrer
Last-Modified
Thu, 14 Jan 2021 13:35:51 GMT
Server
cloudflare
ETag
W/"600048b7-b813"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kf%2Bl4N%2Fuw82fD5pfT6hvoUrXOuXoNz0VauAO4ZLWztGIqJK3xUy88Ft5BOLg836xnIjnSQ16PAekc5WwpNC7yeLLW7dPuIVPyJuW36IVyArP0OoLZBnjmU7h"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
62407219c85a4de2-FRA
/
oldharper.xyz/ 		325 B
660 B 		Document
General
Check archive.org
Download Go to
Full URL
https://oldharper.xyz/
Requested by
Host: oldharper.xyz
URL: http://oldharper.xyz/index.5d05e12cb894a315af64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:32f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3468a29e644ee4e58f1d0a4c246cd4b1ce858863fe3a21a9ad7b56161cdc4d47

Request headers

:method
GET
:authority
oldharper.xyz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d4d989154918e956ed32cc22abd00bdcc1613742509
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:29 GMT
content-type
text/html
last-modified
Thu, 14 Jan 2021 13:35:51 GMT
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
cf-request-id
085c25a44700004a749c17b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=evSfRqJxLhL%2BaN555yFL%2Bal%2BpXZ90tqGUXcGp7%2BG06feBTNPwaxHQpls80ygct7hZHp2rOL6wgU0KFhRMBf%2BAQ19Bw5woKz7DY3W4a9pqGR1WUlxpTkh8AEs"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
6240721a0f624a74-FRA
content-encoding
br
index.5d05e12cb894a315af64.js
oldharper.xyz/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oldharper.xyz/index.5d05e12cb894a315af64.js
Requested by
Host: oldharper.xyz
URL: https://oldharper.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:32f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
869d4c10668a48ce60a0a18e113995e8b118069ac0440464361b465fb5bd4000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
9597
cf-request-id
085c25a45c00004a74c289b000000001
referrer-policy
no-referrer
last-modified
Thu, 14 Jan 2021 13:35:51 GMT
server
cloudflare
etag
W/"600048b7-b813"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h1%2Fdgec6Z%2FjVbMpmT6Cclfv%2F%2BzF3V%2FrTFIQ9lP0z%2Bv72qC6ZQxQs6P0Qs9MElkpgWj5JdAktzJ2ibrVobhmbXKfIj2mM5WEhXPKdKQplKREMguoz1T8R7e5o"}]}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6240721a2f934a74-FRA
/
oldharper.xyz/
Redirect Chain
  • https://faysimplefa.xyz/pop2tbMultiimp?
  • https://oldharper.xyz/?s_id=8606&p=100&tb=pop2tbMultinewrev
325 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://oldharper.xyz/?s_id=8606&p=100&tb=pop2tbMultinewrev
Requested by
Host: oldharper.xyz
URL: https://oldharper.xyz/index.5d05e12cb894a315af64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:32f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3468a29e644ee4e58f1d0a4c246cd4b1ce858863fe3a21a9ad7b56161cdc4d47

Request headers

:method
GET
:authority
oldharper.xyz
:scheme
https
:path
/?s_id=8606&p=100&tb=pop2tbMultinewrev
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d4d989154918e956ed32cc22abd00bdcc1613742509
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://oldharper.xyz/

Response headers

date
Fri, 19 Feb 2021 13:48:29 GMT
content-type
text/html
last-modified
Thu, 14 Jan 2021 13:35:51 GMT
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
cf-request-id
085c25a50c00004a74d90ac000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4aquANZm5xKw8UgK9fD2EeOTaTGL%2F5fYbJxJodAlCpaDHOP1itxzf9Ix333LMAGQR2wNKh2XupjCy4d8SwzHP2SLLxvftJuRY7Hx26yETgImoQy1Nt%2F%2BEDtC"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
6240721b49ce4a74-FRA
content-encoding
br

Redirect headers

date
Fri, 19 Feb 2021 13:48:29 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d77ec1ee627f474a3158b08b58c06d4b01613742509; expires=Sun, 21-Mar-21 13:48:29 GMT; path=/; domain=.faysimplefa.xyz; HttpOnly; SameSite=Lax _client_id=11400735091720557422; path=/; expires=Sat, 20 Feb 2021 13:48:29 GMT; max-age=86400; HttpOnly
cache-control
max-age=0, private, must-revalidate
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
location
https://oldharper.xyz/?s_id=8606&p=100&tb=pop2tbMultinewrev
cf-cache-status
DYNAMIC
cf-request-id
085c25a4f500004e31a5a56000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mB9QVGqOU%2FsrwP9EuN%2BFBvTn1oMMYmSDHh3NaaORtUAMJm8pyKF6dyZi%2FNcAP4fyP7c%2Fa6Hsk3d%2FDeYf6Bh2HYItSDpFjECUM6J7V9bVZnxmfDm9Gx5Eojqux%2B8%3D"}],"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6240721b28194e31-FRA
index.5d05e12cb894a315af64.js
oldharper.xyz/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oldharper.xyz/index.5d05e12cb894a315af64.js
Requested by
Host: oldharper.xyz
URL: https://oldharper.xyz/?s_id=8606&p=100&tb=pop2tbMultinewrev
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:32f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
869d4c10668a48ce60a0a18e113995e8b118069ac0440464361b465fb5bd4000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
9597
cf-request-id
085c25a52100004a74ec0a9000000001
referrer-policy
no-referrer
last-modified
Thu, 14 Jan 2021 13:35:51 GMT
server
cloudflare
etag
W/"600048b7-b813"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XqKxYPCTU0NJOlMGtIiOaNkaR5C%2FCLoxUGhklnQQsQdrbJ1xTQbacwnpN5NBaQ47pAJz72RyknjQwZ4kJULuM7sNUKU2RmIEsfbTRjcBuPQIsGUFtIwH%2Bi0M"}]}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6240721b6a0a4a74-FRA
data.json
rtb.trade/api/v1/ 		711 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.trade/api/v1/data.json?dist_id=6400&encode=true&limit=1&s_id=8606
Requested by
Host: oldharper.xyz
URL: https://oldharper.xyz/index.5d05e12cb894a315af64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:bec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5Gu8GZisxJF2vbW1%2FZTtEfAkG%2BG%2BDRNze36LQjSZfWobtm7xHeKpTlqfjteHgSMx3EUM3pJXw2D3QT1QLq9X%2FjTQvxnlHKgsYnrFKiF5Qfpmsncqt7g%3D"}]}
content-type
application/json; charset=utf8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
6240721bbbbc4d84-FRA
cf-request-id
085c25a55300004d8488a02000000001
x-robots-tag
noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex
index.html
warning.notify.support/helper/ Frame FB04 		190 B
353 B 		Document
General
Check archive.org
Download Go to
Full URL
https://warning.notify.support/helper/index.html
Requested by
Host: oldharper.xyz
URL: https://oldharper.xyz/index.5d05e12cb894a315af64.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.68.113.179 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.1 /
Resource Hash

Request headers

:method
GET
:authority
warning.notify.support
:scheme
https
:path
/helper/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx/1.17.1
date
Fri, 19 Feb 2021 13:48:30 GMT
content-type
text/html
last-modified
Thu, 14 May 2020 11:45:14 GMT
vary
Accept-Encoding
etag
W/"5ebd2f4a-be"
x-robots-tag
noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex
content-encoding
gzip
index.html
warning.notify.support/helper/ Frame 7ED3 		190 B
352 B 		Document
General
Check archive.org
Download Go to
Full URL
https://warning.notify.support/helper/index.html
Requested by
Host: oldharper.xyz
URL: https://oldharper.xyz/index.5d05e12cb894a315af64.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.68.113.179 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.1 /
Resource Hash

Request headers

:method
GET
:authority
warning.notify.support
:scheme
https
:path
/helper/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx/1.17.1
date
Fri, 19 Feb 2021 13:48:30 GMT
content-type
text/html
last-modified
Thu, 14 May 2020 11:45:14 GMT
vary
Accept-Encoding
etag
W/"5ebd2f4a-be"
x-robots-tag
noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex
content-encoding
gzip
icon
stattrack.xyz/api/tracker/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stattrack.xyz/api/tracker/icon?d=6400&f=497&s=8606&src=rprxe
Requested by
Host: oldharper.xyz
URL: https://oldharper.xyz/index.5d05e12cb894a315af64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ab58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:30 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow
GET, POST, HEAD, OPTIONS
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fSemP7ec4T2Bd7ogtepsyKsnzWDUZDhsik4EZUw4uOer5e8BMZnOVGx%2F2b3gToYqtHY9XL3Krf02xE88XMFaesZXx7%2BbasLJzCTw3o2AeROx4Pv01QIrTIIt"}],"group":"cf-nel"}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6240722269184e8b-FRA
cf-request-id
085c25a98400004e8b73179000000001
x-robots-tag
noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex
index.js
warning.notify.support/helper/ Frame FB04 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warning.notify.support/helper/index.js
Requested by
Host: warning.notify.support
URL: https://warning.notify.support/helper/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.68.113.179 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.1 /
Resource Hash

Request headers

Referer
https://warning.notify.support/helper/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:30 GMT
content-encoding
gzip
last-modified
Thu, 14 May 2020 11:45:14 GMT
server
nginx/1.17.1
etag
W/"5ebd2f4a-1865"
vary
Accept-Encoding
content-type
application/javascript
x-robots-tag
noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex
index.js
warning.notify.support/helper/ Frame 7ED3 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warning.notify.support/helper/index.js
Requested by
Host: warning.notify.support
URL: https://warning.notify.support/helper/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.68.113.179 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.1 /
Resource Hash

Request headers

Referer
https://warning.notify.support/helper/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:30 GMT
content-encoding
gzip
last-modified
Thu, 14 May 2020 11:45:14 GMT
server
nginx/1.17.1
etag
W/"5ebd2f4a-1865"
vary
Accept-Encoding
content-type
application/javascript
x-robots-tag
noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex
b0374c935d03084565aa22f41f800bee.jpg
hifucay.ru/ Frame FB04 		17 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hifucay.ru/b0374c935d03084565aa22f41f800bee.jpg
Requested by
Host: warning.notify.support
URL: https://warning.notify.support/helper/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
78.140.179.119 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://warning.notify.support/helper/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Feb 2021 13:48:30 GMT
Last-Modified
Sun, 17 Mar 2019 08:14:20 GMT
Server
nginx/1.16.1
ETag
"5c8e01dc-4303"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17155
1613739600000-205519
rubird.ru/rtb/nurl/ Frame 7ED3 		0
0
4f6245dff73b67132169097bc86c245a.png
oldharper.xyz/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oldharper.xyz/4f6245dff73b67132169097bc86c245a.png
Requested by
Host: oldharper.xyz
URL: https://oldharper.xyz/?s_id=8606&p=100&tb=pop2tbMultinewrev
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:32f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:31 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
714
content-length
12675
cf-request-id
085c25ad5900004a740b0a6000000001
referrer-policy
no-referrer
last-modified
Thu, 14 Jan 2021 13:35:51 GMT
server
cloudflare
etag
"600048b7-3183"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K8HhdAzsHNckyFI8oFCxJaLFtciFL2L%2B%2BTZYZ7LdkFhAc8989c4tWvcVHU6rNTVbBCLXaB0YDbWvtZS2yJrZd4Ty97X2X%2Fpu%2BN6GdGzUQeYC1aMLJPw6IAxo"}]}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
624072288e694a74-FRA
url
stattrack.xyz/api/tracker/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stattrack.xyz/api/tracker/url?c=MC4wMDQ1MDAwMDAwMDAwMDAwMDA1&d=6400&f=497&s=8606&src=rprxe
Requested by
Host: oldharper.xyz
URL: https://oldharper.xyz/index.5d05e12cb894a315af64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ab58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow
GET, POST, HEAD, OPTIONS
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yRxRNwJodiT0gJmD8YiR8WqP9Hofz79adPRXfCJLogAScsU7mWqrTyfhJKYSugBRy2SA4pe%2FC3i5e9PYZy0YTWZbRK1p%2FUkwhRU6XvtXEWMOA%2BpB5CArQO7S"}],"group":"cf-nel"}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
62407239ed0e4e8b-FRA
cf-request-id
085c25b82e00004e8be3245000000001
x-robots-tag
noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex
dragon_fire_a_m_f038_rdoapp
plarium.com/landings/de/desktop/raid/
Redirect Chain
  • http://oldharper.xyz/r?t=https%3A%2F%2Frubird.ru%2Frtb%2Fclick%2F1613739600000-205519%3FnodeId%3D1%26id%3D51836
  • https://rubird.ru/rtb/click/1613739600000-205519?nodeId=1&id=51836
  • https://ad.admitad.com/g/qugrrl5j6geddf0764d3b029fea5aba7a065a48b/subid/t_raidde_9_null_60166-rprxe
  • https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
116 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Requested by
Host: oldharper.xyz
URL: https://oldharper.xyz/index.5d05e12cb894a315af64.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET ARR/3.0 ASP.NET
Resource Hash

Request headers

:method
GET
:authority
plarium.com
:scheme
https
:path
/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://oldharper.xyz/?s_id=8606&p=100&tb=pop2tbMultinewrev

Response headers

date
Fri, 19 Feb 2021 13:48:34 GMT
content-type
text/html
set-cookie
__cfduid=d596d0cd0d6b884e2b81419f9820bb2761613742514; expires=Sun, 21-Mar-21 13:48:34 GMT; path=/; domain=.plarium.com; HttpOnly; SameSite=Lax flp=https%3a%2f%2fplarium.com%2flandings%2fde%2fdesktop%2fraid%2fdragon_fire_a_m_f038_rdoapp%3fplid%3d380266%26pxl%3dadmitad%26publisherId%3d9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3dcf57d74b646e13a2ee060cebed6127e2; expires=Sun, 26-Jan-2121 13:48:34 GMT; path=/ gu={"q":"%3fplid%3d380266%26pxl%3dadmitad%26publisherId%3d9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3dcf57d74b646e13a2ee060cebed6127e2","lp":"https%3a%2f%2fplarium.com%2flandings%2fde%2fdesktop%2fraid%2fdragon_fire_a_m_f038_rdoapp%253fplid%253d380266%2526pxl%253dadmitad%2526publisherId%253d9057_t_raidde_9_null_60166-rprxe%2526admitad_uid%253dcf57d74b646e13a2ee060cebed6127e2","rt":"Landing","r":"","t":1613743414,"i":0}; expires=Sun, 21-Feb-2021 13:48:34 GMT; path=/ a_uid=1eed64d6-2dc4-41c8-975a-0d28ed40d68f; expires=Tue, 20-Apr-2021 13:48:34 GMT; path=/
cache-control
private
vary
Accept-Encoding
x-stackifyid
V2|21dc5210-c614-4770-9560-a0bcd6f2b56c|C79315|CD1 V2|9cd65703-962b-4de2-b6c9-6031c544dc74|C79315|CD1
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET ARR/3.0 ASP.NET
cf-cache-status
DYNAMIC
cf-request-id
085c25ba110000736f06233000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6240723ce897736f-CPH
content-encoding
gzip

Redirect headers

server
nginx
date
Fri, 19 Feb 2021 13:48:34 GMT
content-type
text/html; charset=utf-8
content-length
1335
location
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Tue, 01 Jan 1980 1:00:00 GMT
set-cookie
UID=v=3|id=6ae49667d3d82fadee65de3af61e6589|expr=1676814514|type=0|business_expr=1617630514; Domain=.ad.admitad.com; Expires=Sun, 19-Feb-2023 13:48:34 GMT; Path=/ UID2=v=3|id=6ae49667d3d82fadee65de3af61e6589|expr=1676814514|type=0|business_expr=1617630514; Domain=.ad.admitad.com; Path=/
p3p
CP="NON DSP COR CURa TIA"
optimize.js
www.googleoptimize.com/ 		178 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-WGBHHZV
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42271
x-xss-protection
0
expires
Fri, 19 Feb 2021 13:48:34 GMT
ad_raid_en_with_callback.js
cdn01.x-plarium.com/browser/content/portalclientpixels/src/Static-desktop/en/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/content/portalclientpixels/src/Static-desktop/en/js/ad_raid_en_with_callback.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA1) /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:34 GMT
content-encoding
gzip
last-modified
Mon, 18 Jan 2021 10:07:03 GMT
server
ECS (amb/6BA1)
age
18171
etag
"3831602613+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1451
expires
Fri, 26 Feb 2021 13:48:34 GMT
styles.css
cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/ 		976 KB
127 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B81) /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:34 GMT
content-encoding
gzip
last-modified
Fri, 19 Feb 2021 10:35:42 GMT
server
ECS (amb/6B81)
age
11191
etag
"1955076827+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
129346
expires
Fri, 26 Feb 2021 13:48:34 GMT
main_comp_blur.jpg
cdn01.x-plarium.com/browser/content/landings/backgrounds/main_comp/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/backgrounds/main_comp/main_comp_blur.jpg
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B95) /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:34 GMT
last-modified
Tue, 08 Oct 2019 06:57:24 GMT
server
ECS (amb/6B95)
age
593996
etag
"1165129265"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
10478
expires
Fri, 26 Feb 2021 13:48:34 GMT
icon.png
cdn01.x-plarium.com/browser/content/landings/forms/036/ 		818 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/forms/036/icon.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B81) /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:34 GMT
last-modified
Tue, 01 Oct 2019 13:59:36 GMT
server
ECS (amb/6B81)
age
250414
etag
"1460361289"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
818
expires
Fri, 26 Feb 2021 13:48:34 GMT
Logo.png
cdn01.x-plarium.com/browser/content/landings/scenes/desktop/thank-you-page/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/scenes/desktop/thank-you-page/Logo.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB3) /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
last-modified
Thu, 23 May 2019 10:36:07 GMT
server
ECS (amb/6BB3)
age
72277
etag
"3881501383"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
4529
expires
Fri, 26 Feb 2021 13:48:35 GMT
1.png
cdn01.x-plarium.com/browser/content/landings/thank_you_page/001/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/thank_you_page/001/1.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB3) /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
last-modified
Fri, 20 Dec 2019 13:13:12 GMT
server
ECS (amb/6BB3)
age
590951
etag
"2004343117"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
29935
expires
Fri, 26 Feb 2021 13:48:35 GMT
3.png
cdn01.x-plarium.com/browser/content/landings/thank_you_page/001/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/thank_you_page/001/3.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA4) /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
last-modified
Fri, 20 Dec 2019 13:22:34 GMT
server
ECS (amb/6BA4)
age
564474
etag
"260367239"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
38162
expires
Fri, 26 Feb 2021 13:48:35 GMT
gtm.js
www.googletagmanager.com/ 		212 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60994
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Feb 2021 13:48:35 GMT
sdk.js
static.queit.in/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.queit.in/sdk.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:1c:19e4:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ecstatic-3.2.1 /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:09:06 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified
Sun, 26 Aug 2018 06:15:13 GMT
server
ecstatic-3.2.1
age
2425
etag
W/"18352616-86801-2018-08-26T06:15:13.000Z"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C2
content-length
86801
x-amz-cf-id
vCJRTiB6cLKeXtU4o4-m69xFKg3L93fIVKoTRmga8zaV8OFmHMX21Q==
client.js
cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/ 		2 MB
466 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/client.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B94) /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
gzip
last-modified
Fri, 19 Feb 2021 10:35:41 GMT
server
ECS (amb/6B94)
age
11192
etag
"810230568+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
476998
expires
Fri, 26 Feb 2021 13:48:35 GMT
app.js
static.x-plarium.com/browser/canvas/landings.pp.analytics/v5/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.x-plarium.com/browser/canvas/landings.pp.analytics/v5/app.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5570934
content-length
2347
cf-request-id
085c25bbbd00004e3ef1a59000000001
last-modified
Thu, 10 Jan 2019 09:14:42 GMT
server
cloudflare
etag
"64b8e4ebc4a8d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=533729485
accept-ranges
bytes
cf-ray
6240723f9f894e3e-FRA
expires
Tue, 19 Jan 2038 00:00:00 GMT
Primary Request dragon_fire_a_f038_fdb_rdoapp_test
plarium.com/landings/de/desktop/raid/cro/ 		110 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-WGBHHZV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET ARR/3.0 ASP.NET
Resource Hash

Request headers

:method
GET
:authority
plarium.com
:scheme
https
:path
/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d596d0cd0d6b884e2b81419f9820bb2761613742514; flp=https%3a%2f%2fplarium.com%2flandings%2fde%2fdesktop%2fraid%2fdragon_fire_a_m_f038_rdoapp%3fplid%3d380266%26pxl%3dadmitad%26publisherId%3d9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3dcf57d74b646e13a2ee060cebed6127e2; gu={"q":"%3fplid%3d380266%26pxl%3dadmitad%26publisherId%3d9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3dcf57d74b646e13a2ee060cebed6127e2","lp":"https%3a%2f%2fplarium.com%2flandings%2fde%2fdesktop%2fraid%2fdragon_fire_a_m_f038_rdoapp%253fplid%253d380266%2526pxl%253dadmitad%2526publisherId%253d9057_t_raidde_9_null_60166-rprxe%2526admitad_uid%253dcf57d74b646e13a2ee060cebed6127e2","rt":"Landing","r":"","t":1613743414,"i":0}; a_uid=1eed64d6-2dc4-41c8-975a-0d28ed40d68f; _gaexp=GAX1.2.h8-8J7t3SmiU5k_Sm0BGvA.18767.1; _gaexp_rc=1; _opt_expid=h8-8J7t3SmiU5k_Sm0BGvA%241%24
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-type
text/html
cache-control
private
vary
Accept-Encoding
x-stackifyid
V2|fd65d573-4d7e-49a5-b15b-449746266dc2|C79315|CD1 V2|c374e3a5-3460-4513-a670-12aa34b843ac|C79315|CD1
set-cookie
gu={"q":"%3fplid%3d380266%26pxl%3dadmitad%26publisherId%3d9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3dcf57d74b646e13a2ee060cebed6127e2","lp":"https%3a%2f%2fplarium.com%2flandings%2fde%2fdesktop%2fraid%2fcro%2fdragon_fire_a_f038_fdb_rdoapp_test%253fplid%253d380266%2526pxl%253dadmitad%2526publisherId%253d9057_t_raidde_9_null_60166-rprxe%2526admitad_uid%253dcf57d74b646e13a2ee060cebed6127e2","rt":"Landing","r":"","t":1613743415,"i":0}; expires=Sun, 21-Feb-2021 13:48:35 GMT; path=/ l_ref=https%3a%2f%2fplarium.com%2flandings%2fde%2fdesktop%2fraid%2fdragon_fire_a_m_f038_rdoapp%253fplid%253d380266%2526pxl%253dadmitad%2526publisherId%253d9057_t_raidde_9_null_60166-rprxe%2526admitad_uid%253dcf57d74b646e13a2ee060cebed6127e2; expires=Sat, 20-Feb-2021 13:48:35 GMT; path=/
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET ARR/3.0 ASP.NET
cf-cache-status
DYNAMIC
cf-request-id
085c25bb2b0000736f33066000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6240723eabf1736f-CPH
content-encoding
gzip
css2
fonts.googleapis.com/ 		2 KB
637 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@700&display=swap
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 12:23:38 GMT
server
ESF
date
Fri, 19 Feb 2021 13:48:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Feb 2021 13:48:35 GMT
js
www.googletagmanager.com/gtag/ 		136 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5FNDF9DMY8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53503
x-xss-protection
0
expires
Fri, 19 Feb 2021 13:48:35 GMT
1349.js
script.crazyegg.com/pages/scripts/0088/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0088/1349.js?448262
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
cf-cache-status
HIT
age
3471
cf-polished
origSize=4394
ce-version
11.1.224
content-length
4393
cf-request-id
085c25bc0400004dd03714d000000001
timing-allow-origin
*
last-modified
Fri, 19 Feb 2021 12:50:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, no-transform, s-maxage=1209600
accept-ranges
bytes
cf-ray
624072400a904dd0-FRA
cf-bgj
minify
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
7043
date
Fri, 19 Feb 2021 11:51:12 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Fri, 19 Feb 2021 13:51:12 GMT
bat.js
bat.bing.com/ 		0
0
pixel.js
www.redditstatic.com/ads/ 		0
0
index.html
mhjfbmdgcfjbbpaeojofohoefgiehjai/ 		0
0
api
default.queit.in/ 		0
0
collect
analytics.google.com/g/ 		0
69 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-5FNDF9DMY8&gtm=2oe2a1&_p=1947315509&sr=1600x1200&_gaz=1&ul=en-us&cid=685598797.1613742515&_s=1&dl=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fdragon_fire_a_m_f038_rdoapp%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&dr=&dt=RAID%3A%20Shadow%20Legends&sid=1613742515&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5FNDF9DMY8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:48:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
69 B 		Other
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5FNDF9DMY8&cid=685598797.1613742515&gtm=2oe2a1&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5FNDF9DMY8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/dragon_fire_a_m_f038_rdoapp?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:48:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
1349.json
script.crazyegg.com/pages/data-scripts/0088/ 		0
0
crj
mbi-fchk.x-plarium.com/api/ 		0
0
collect
analytics.google.com/g/ 		0
0
optimize.js
www.googleoptimize.com/ 		178 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-WGBHHZV
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
697b7f9b5cda7d982ba5bd4786acfe6266ab3fd34331dc953442abb9fc51b667
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42219
x-xss-protection
0
expires
Fri, 19 Feb 2021 13:48:35 GMT
ad_raid_en_with_callback.js
cdn01.x-plarium.com/browser/content/portalclientpixels/src/Static-desktop/en/js/ 		8 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/content/portalclientpixels/src/Static-desktop/en/js/ad_raid_en_with_callback.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA1) /
Resource Hash
3cb264f59a18856874af245e27ada9ef0b565848ee9ed4759a4fbf2697267058

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
gzip
last-modified
Mon, 18 Jan 2021 10:07:03 GMT
server
ECS (amb/6BA1)
age
18172
etag
"3831602613+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1451
expires
Fri, 26 Feb 2021 13:48:35 GMT
styles.css
cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/ 		976 KB
126 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B81) /
Resource Hash
f879c243ec5161d768bcbb8130570bcabd7367cf5e38947f5af0b0ab095fd00d

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
gzip
last-modified
Fri, 19 Feb 2021 10:35:42 GMT
server
ECS (amb/6B81)
age
11192
etag
"1955076827+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
129346
expires
Fri, 26 Feb 2021 13:48:35 GMT
main_comp_blur.jpg
cdn01.x-plarium.com/browser/content/landings/backgrounds/main_comp/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/backgrounds/main_comp/main_comp_blur.jpg
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B95) /
Resource Hash
ee240dfda88816f00c7633b3bf00c2f032d16e3941d16494028506ce1541926e

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
last-modified
Tue, 08 Oct 2019 06:57:24 GMT
server
ECS (amb/6B95)
age
593997
etag
"1165129265"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
10478
expires
Fri, 26 Feb 2021 13:48:35 GMT
gtm.js
www.googletagmanager.com/ 		212 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2b63410bac3a6acef7616149f9795ed07263eaac8f7dbdc763357522d0fe052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60992
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Feb 2021 13:48:35 GMT
sdk.js
static.queit.in/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.queit.in/sdk.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:1c:19e4:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ecstatic-3.2.1 /
Resource Hash
06748e97c8e3146494596e2cd6a85b7472e280a4a030135171b09878c0bc3a40

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:09:06 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified
Sun, 26 Aug 2018 06:15:13 GMT
server
ecstatic-3.2.1
age
2425
etag
W/"18352616-86801-2018-08-26T06:15:13.000Z"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C2
content-length
86801
x-amz-cf-id
iumob-LInXVL4ce6Ag_j7OqeV1IOwTsV376iT3hMTETr2X-o487uQA==
css2
fonts.googleapis.com/ 		2 KB
609 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@700&display=swap
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
370ca77212d8922df15cf66968698b043a8c34b52fea16dd12348c3b25db7884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 13:25:38 GMT
server
ESF
date
Fri, 19 Feb 2021 13:48:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Feb 2021 13:48:35 GMT
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion
1
date
Fri, 19 Feb 2021 13:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5581
x-amz-id-2
mmYxG6BHPREIFrKNjswe5rIGO3p7Ap9+Nz8pjNUW328xfm1xQSpbTUZnUnswTU/FotkntpUEwYk=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 24 Sep 2020 23:08:16 GMT
server
ATS
etag
"49db10c8315384e8dad2e92a6841ed81-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
BP1H5N7J8G9Q2M7P
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges
bytes
content-type
application/javascript
obtp.js
amplify.outbrain.com/cp/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-87.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Feb 2021 13:48:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Jan 2021 14:42:51 GMT
Server
AkamaiNetStorage
ETag
"c43e7f1b0459d05cce32768dd16af59b:1611585771.492103"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2864
Expires
Fri, 19 Feb 2021 14:08:35 GMT
logo_dragon2.png
cdn01.x-plarium.com/browser/content/landings/logo/Raid/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/logo/Raid/logo_dragon2.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B79) /
Resource Hash
42cb01b7a48de9187d113d1245775e13f4d9253a6f606288e5202c6ecb252119

Request headers

Referer
https://plarium.com/landings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
last-modified
Wed, 09 Oct 2019 13:54:10 GMT
server
ECS (amb/6B79)
age
330281
etag
"60253294"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
12418
expires
Fri, 26 Feb 2021 13:48:35 GMT
main_comp_recrop.mp4
cdn01.x-plarium.com/browser/content/landings/backgrounds/main_comp/ 		320 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/content/landings/backgrounds/main_comp/main_comp_recrop.mp4
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B85) /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
last-modified
Wed, 16 Oct 2019 09:33:01 GMT
server
ECS (amb/6B85)
age
87415
etag
"3539995970"
x-cache
HIT
content-type
video/mp4
Content-Range
bytes 0-8075366/8075367
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
8075367
expires
Fri, 26 Feb 2021 13:48:35 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1153814/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1153814/tfa.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
HeQb7R6XDVJSjD8wQh9rmAyeSZ4NPTDg
content-encoding
gzip
etag
"54a4bad8dc4dc900643e7781699f4bea"
age
4
x-cache
HIT
x-amz-replication-status
PENDING
content-length
21900
x-amz-id-2
RoRm30yf4ONdsoJATCDGnofVhxpPC01ChFiqsYJqsU9xPWSOwRTMRdKEMDqt+ieN3d/TV0aOd1M=
x-served-by
cache-fra19122-FRA
last-modified
Mon, 15 Feb 2021 18:49:36 GMT
server
AmazonS3
x-timer
S1613742515.435149,VS0,VE1
date
Fri, 19 Feb 2021 13:48:35 GMT
vary
Accept-Encoding
x-amz-request-id
4804A1C74436B6B5
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
54
x-cache-hits
1
widget.js
d2xerlamkztbb1.cloudfront.net/19762526-d305/5/ 		736 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2xerlamkztbb1.cloudfront.net/19762526-d305/5/widget.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.91.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 13:55:49 GMT
Via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Sun, 08 Oct 2017 14:53:27 GMT
Server
AmazonS3
Age
1554767
ETag
"c1d3d56f621632ee73f370faa2a79f44"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=29030400, public
X-Amz-Cf-Pop
PRG50-C1
Accept-Ranges
bytes
Content-Length
736
X-Amz-Cf-Id
rANghcjPMLUyVWakb1qx2aXhVQD6ilVTEyZHXr1YDdIdiqU8Mf8t5Q==
10094756.json
s.yimg.com/wi/config/ 		2 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10094756.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:03:06 GMT
x-content-type-options
nosniff
age
2729
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
B55E079626631516
x-amz-id-2
aOFM0HgOwKsWNt5oBq/8KKib70Jc2zf4XUHrCVlWKzq4OKRQOArqk+Z2sdxOB9B4RaHrk596EiY=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
crj
mbi-fchk.x-plarium.com/api/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mbi-fchk.x-plarium.com/api/crj?app=27&callback=1&adCampaign=380266&uid=null&usi=un-03cf5dc2-674c-4137-b2af-4c18aa9828ca
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/content/portalclientpixels/src/Static-desktop/en/js/ad_raid_en_with_callback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.182.134.18 , United States, ASN10297 (ENET-2, US),
Reverse DNS
207-182-134-18.xlhdns.com
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
x-correlation-id
e0410fc7-ff61-4141-8526-287bac32ce7a
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://plarium.com
access-control-allow-credentials
true
content-length
4
js
www.googletagmanager.com/gtag/ 		136 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5FNDF9DMY8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fac1f6c8c03ad83b951b1f919e63b661e74597bb2884bc8c0953d3c06783917a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53503
x-xss-protection
0
expires
Fri, 19 Feb 2021 13:48:35 GMT
1349.js
script.crazyegg.com/pages/scripts/0088/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0088/1349.js?448262
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aacdf7fba757dfe98d545bc3eeb311ef54751cf2606158f768cab02e0189843

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
cf-cache-status
HIT
age
3471
cf-polished
origSize=4394
ce-version
11.1.224
content-length
4393
cf-request-id
085c25bcce00004dd04fbe2000000001
timing-allow-origin
*
last-modified
Fri, 19 Feb 2021 12:50:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, no-transform, s-maxage=1209600
accept-ranges
bytes
cf-ray
624072414ce14dd0-FRA
cf-bgj
minify
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
7043
date
Fri, 19 Feb 2021 11:51:12 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Fri, 19 Feb 2021 13:51:12 GMT
bat.js
bat.bing.com/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:34 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 20:48:20 GMT
x-msedge-ref
Ref A: 44FC32243ACF4D2698E83BDECCC1F926 Ref B: FRAEDGE1409 Ref C: 2021-02-19T13:48:35Z
etag
"042b8e76dfad61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8454
pixel.js
www.redditstatic.com/ads/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LK4K4N
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e80ddf3eef44b5e1eb4decb66700685245e47896a94e971bd8ea906c35d61d00

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Wed, 27 Jan 2021 22:32:09 GMT
server
snooserv
etag
"8e0821fb80cc4328dc38d8f75915b82b"
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-encoding
gzip
content-length
5905
watch.js
mc.yandex.ru/metrika/ 		122 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: oldharper.xyz
URL: http://oldharper.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
br
last-modified
Mon, 15 Feb 2021 13:31:56 GMT
etag
"602be42d-a9d7"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
43479
expires
Fri, 19 Feb 2021 14:48:35 GMT
fs.js
edge.fullstory.com/s/ 		201 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: oldharper.xyz
URL: http://oldharper.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Origin
https://plarium.com
Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:42:54 GMT
content-encoding
gzip
age
341
x-guploader-uploadid
ABg5-UzFvp7Wr2N9yXrXtyQtALvOub7m-tLD2yHBStjgJoQi0V2hq0axPOxHic-3w_1l7owAvvGD58CACj7VamLnIg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
61977
last-modified
Mon, 15 Feb 2021 18:17:43 GMT
server
UploadServer
etag
"f306f203a40443d1b6cae86f82b7fecd"
x-goog-hash
crc32c=yYoDIQ==, md5=8wbyA6QEQ9G2yuhvgrf+zQ==
x-goog-generation
1613413062915898
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=600,no-transform
x-goog-stored-content-length
61977
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 19 Feb 2021 13:52:54 GMT
main_comp_recrop.mp4
cdn01.x-plarium.com/browser/content/landings/backgrounds/main_comp/ 		6 MB
6 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/content/landings/backgrounds/main_comp/main_comp_recrop.mp4
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B85) /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=1802240-

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
last-modified
Wed, 16 Oct 2019 09:33:01 GMT
server
ECS (amb/6B85)
age
87415
etag
"3539995970"
x-cache
HIT
content-type
video/mp4
Content-Range
bytes 1802240-8075366/8075367
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
6273127
expires
Fri, 26 Feb 2021 13:48:35 GMT
1349.json
script.crazyegg.com/pages/data-scripts/0088/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0088/1349.json?t=5379141
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0088/1349.js?448262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab14a07ad5f102504c8bcc921c76546aff10f898767705ae3f1ad8c37d1aa76

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3472
ce-version
11.1.224
content-length
1137
cf-request-id
085c25bcdf0000d6fda816f000000001
timing-allow-origin
*
last-modified
Fri, 19 Feb 2021 12:50:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, no-transform, s-maxage=1209600
accept-ranges
bytes
cf-ray
624072416f8ad6fd-FRA
collect
www.google-analytics.com/j/ 		1 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=342851192&t=pageview&_s=1&dl=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&ul=en-us&de=UTF-8&dt=RAID%3A%20Shadow%20Legends&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAAABAAAAAC~&jid=1370455726&gjid=460875453&cid=685598797.1613742515&tid=UA-121176567-5&_gid=484341663.1613742515&_r=1&gtm=2wg2a15LK4K4N&z=1640676589
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:48:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=342851192&t=pageview&_s=1&dl=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&ul=en-us&de=UTF-8&dt=RAID%3A%20Shadow%20Legends&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=h8-8J7t3SmiU5k_Sm0BGvA.1&_u=QACAAAABAAAAAC~&jid=1040976885&gjid=1147010145&cid=685598797.1613742515&tid=UA-121176567-1&_gid=484341663.1613742515&_r=1&gtm=2wg2a15LK4K4N&z=1178845335
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:48:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
11.1.224.js
script.crazyegg.com/pages/versioned/common-scripts/ 		101 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.224.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0088/1349.js?448262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83f317d1fcd47bd37d17eba891aad13465964a90c7151f9aeb6b531f0a40bf6a

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
cf-cache-status
HIT
age
63137
cf-polished
origSize=103884
content-length
103699
cf-request-id
085c25bcf000004dd058b7f000000001
timing-allow-origin
*
last-modified
Thu, 11 Feb 2021 14:06:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, no-transform, s-maxage=31536000
accept-ranges
bytes
cf-ray
624072417d514dd0-FRA
cf-bgj
minify
rp.gif
alb.reddit.com/ 		42 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1613742515451&id=t2_1ac96naq&event=PageVisit&uuid=352afb50-6155-4557-aaa7-c81158c83479&s=SjocnomuETOcrzO5j8sbqlY3biROaXT5sO8m02zGeU8%3D
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
via
1.1 varnish
server
Varnish
accept-ranges
bytes
content-length
42
retry-after
0
content-type
image/gif
collect
stats.g.doubleclick.net/j/ 		4 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-121176567-1&cid=685598797.1613742515&jid=1040976885&gjid=1147010145&_gid=484341663.1613742515&_u=QACAAAABAAAAAC~&z=981178496
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 19 Feb 2021 13:48:35 GMT
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=004a5b79a05aca3b2af4597936f43726e3
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
gzip
X-TraceId
8beaccb1bddfddfdec7fc5c3ccea700d
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=004a5b79a05aca3b2af4597936f43726e3&obApiVersion=1.1&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&optOut=false&bust=03621718065392663
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Feb 2021 13:48:35 GMT
Cache-Control
no-cache
X-TraceId
ad30c44d400bfafe7ced9bc78cd180cb
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
activityi;dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1...
9360814.fls.doubleclick.net/ Frame 0DE7
Redirect Chain
  • https://9360814.fls.doubleclick.net/activityi;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord...
  • https://9360814.fls.doubleclick.net/activityi;dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_...
745 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9360814.fls.doubleclick.net/activityi;dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146?
Requested by
Host: oldharper.xyz
URL: http://oldharper.xyz/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9360814.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 19 Feb 2021 13:48:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
540
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 14:03:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 19 Feb 2021 13:48:35 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9360814.fls.doubleclick.net/activityi;dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/ 		2 MB
466 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/client.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B94) /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
gzip
last-modified
Fri, 19 Feb 2021 10:35:41 GMT
server
ECS (amb/6B94)
age
11192
etag
"810230568+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
476998
expires
Fri, 26 Feb 2021 13:48:35 GMT
app.js
static.x-plarium.com/browser/canvas/landings.pp.analytics/v5/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.x-plarium.com/browser/canvas/landings.pp.analytics/v5/app.js
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:35 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5570934
content-length
2347
cf-request-id
085c25bd4700004e3e0a127000000001
last-modified
Thu, 10 Jan 2019 09:14:42 GMT
server
cloudflare
etag
"64b8e4ebc4a8d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=533729485
accept-ranges
bytes
cf-ray
624072420bb04e3e-FRA
expires
Tue, 19 Jan 2038 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-121176567-1&cid=685598797.1613742515&jid=1040976885&_u=QACAAAABAAAAAC~&z=661513906
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:48:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-121176567-1&cid=685598797.1613742515&jid=1040976885&_u=QACAAAABAAAAAC~&z=661513906
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:48:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
mhjfbmdgcfjbbpaeojofohoefgiehjai/ 		0
0
api
default.queit.in/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://default.queit.in/api
Requested by
Host: static.queit.in
URL: https://static.queit.in/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.72.189.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://plarium.com
Date
Fri, 19 Feb 2021 13:48:35 GMT
Connection
keep-alive
Vary
Origin
0
bat.bing.com/action/ 		0
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17182030&Ver=2&mid=ee02ed55-3934-41ec-b25e-d29a30edb728&sid=2982a13072b911eb8507b566bea46adb&vid=2983015072b911eba04d5d969e12fea7&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=RAID%3A%20Shadow%20Legends&p=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&r=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fdragon_fire_a_m_f038_rdoapp%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&lt=568&evt=pageLoad&msclkid=N&sv=1&rn=91203
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 19 Feb 2021 13:48:35 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 2B8ADE79B1A141C7B465A1FB16B27D62 Ref B: FRAEDGE1409 Ref C: 2021-02-19T13:48:35Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
api
default.queit.in/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://default.queit.in/api
Requested by
Host: static.queit.in
URL: https://static.queit.in/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.72.189.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://plarium.com
Date
Fri, 19 Feb 2021 13:48:35 GMT
Connection
keep-alive
Vary
Origin
widget.js
d221oziut8gs4d.cloudfront.net/ 		0
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d221oziut8gs4d.cloudfront.net/widget.js?id=19762526&secure&8965236
Requested by
Host: d2xerlamkztbb1.cloudfront.net
URL: https://d2xerlamkztbb1.cloudfront.net/19762526-d305/5/widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-6.fra56.r.cloudfront.net
Software
rhino-core-shield /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Feb 2021 13:48:36 GMT
Content-Encoding
gzip
Server
rhino-core-shield
X-Amz-Cf-Pop
FRA56-C2
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=UTF-8
Via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache="set-cookie"
Connection
keep-alive
Content-Length
20
X-Amz-Cf-Id
AYdDgh2xpT3zLP91340j64QqJtvsDcfrxn4x4vM_imGliKTOgBVjFA==
page
rs.fullstory.com/rec/ 		48 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
via
1.1 google
x-content-type-options
nosniff
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://plarium.com
access-control-allow-credentials
true
alt-svc
clear
content-length
48
sync
gum.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sync?a=1&r=2&c=421&j=handleCriteoCookie
  • https://gum.criteo.com/sync?s=1&a=1&r=2&c=421&j=handleCriteoCookie
80 B
404 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?s=1&a=1&r=2&c=421&j=handleCriteoCookie
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 19 Feb 2021 13:48:35 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
3473
content-length
198
expires
60

Redirect headers

location
/sync?s=1&a=1&r=2&c=421&j=handleCriteoCookie
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2868
date
Fri, 19 Feb 2021 13:48:35 GMT
content-length
177
content-type
text/html; charset=utf-8
/
plarium.com/landings/api/user/data/ 		1 KB
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://plarium.com/landings/api/user/data/?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Requested by
Host: oldharper.xyz
URL: http://oldharper.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

language_id
3
app_id
27
game_id
0
theme_id
52
sitemap_id
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Content-Type
application/json

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
x-stackifyid
V2|c8355822-d3f3-467d-907c-841490fe0431|C79315|CD1, V2|697bf056-4264-4de2-8227-304a78c27547|C79315|CD1
cf-ray
624072456859736f-CPH
cf-request-id
085c25bf610000736f08b01000000001
line_big.png
cdn01.x-plarium.com/browser/content/landings/forms/038/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/forms/038/line_big.png
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B83) /
Resource Hash

Request headers

Referer
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
last-modified
Fri, 04 Oct 2019 15:17:06 GMT
server
ECS (amb/6B83)
age
58923
etag
"4077500834"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1199
expires
Fri, 26 Feb 2021 13:48:36 GMT
Field.png
cdn01.x-plarium.com/browser/content/landings/forms/038/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/forms/038/Field.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC6) /
Resource Hash

Request headers

Referer
https://plarium.com/landings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
last-modified
Fri, 04 Oct 2019 15:17:06 GMT
server
ECS (amb/6BC6)
age
600397
etag
"4079614972"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
9869
expires
Fri, 26 Feb 2021 13:48:36 GMT
Button.png
cdn01.x-plarium.com/browser/content/landings/forms/038/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/forms/038/Button.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA7) /
Resource Hash

Request headers

Referer
https://plarium.com/landings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
last-modified
Fri, 04 Oct 2019 15:17:06 GMT
server
ECS (amb/6BA7)
age
46554
etag
"120024665"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
10620
expires
Fri, 26 Feb 2021 13:48:36 GMT
arrow.png
cdn01.x-plarium.com/browser/content/landings/forms/038/ 		620 B
686 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/forms/038/arrow.png
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBA) /
Resource Hash

Request headers

Referer
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
last-modified
Fri, 04 Oct 2019 15:17:06 GMT
server
ECS (amb/6BBA)
age
387927
etag
"162451077"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
620
expires
Fri, 26 Feb 2021 13:48:36 GMT
/
placehold.it/34x34/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://placehold.it/34x34/
Requested by
Host: plarium.com
URL: https://plarium.com/landings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.33.24.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
f1.placeholder.com
Software
/
Resource Hash

Request headers

Referer
https://plarium.com/landings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Hover.png
cdn01.x-plarium.com/browser/content/landings/forms/038/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.x-plarium.com/browser/content/landings/forms/038/Hover.png
Requested by
Host: plarium.com
URL: https://plarium.com/landings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB8) /
Resource Hash

Request headers

Referer
https://plarium.com/landings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
last-modified
Fri, 04 Oct 2019 15:17:06 GMT
server
ECS (amb/6BB8)
age
64113
etag
"1931963797"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
10947
expires
Fri, 26 Feb 2021 13:48:36 GMT
Oswald400.woff
cdn01.x-plarium.com/browser/content/landings/fonts/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/content/landings/fonts/Oswald400.woff
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B98) /
Resource Hash

Request headers

Origin
https://plarium.com
Referer
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 16:04:40 GMT
server
ECS (amb/6B98)
age
566186
etag
"2833833951+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
content-length
52075
expires
Fri, 26 Feb 2021 13:48:36 GMT
Oswald300.woff
cdn01.x-plarium.com/browser/content/landings/fonts/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/content/landings/fonts/Oswald300.woff
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA8) /
Resource Hash

Request headers

Origin
https://plarium.com
Referer
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 16:04:40 GMT
server
ECS (amb/6BA8)
age
594008
etag
"2162740569+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
content-length
50719
expires
Fri, 26 Feb 2021 13:48:36 GMT
Oswald700.woff
cdn01.x-plarium.com/browser/content/landings/fonts/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/content/landings/fonts/Oswald700.woff
Requested by
Host: cdn01.x-plarium.com
URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8A) /
Resource Hash

Request headers

Origin
https://plarium.com
Referer
https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 16:04:40 GMT
server
ECS (amb/6B8A)
age
591845
etag
"3639140121+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
content-length
51821
expires
Fri, 26 Feb 2021 13:48:36 GMT
/
plarium.com/landings/api/content/ 		4 B
169 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://plarium.com/landings/api/content/?urlPart=%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2
Requested by
Host: oldharper.xyz
URL: http://oldharper.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

language_id
3
app_id
27
game_id
0
theme_id
52
sitemap_id
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
content-type
application/json

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
x-stackifyid
V2|d0dc41ee-82f5-4c75-a68e-fdc6128854e1|C79315|CD1, V2|405edf07-552e-4d4a-8ee0-4841f641fd38|C79315|CD1
cf-ray
62407245c904736f-CPH
content-length
4
cf-request-id
085c25bf9b0000736ff517b000000001
dragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2
adservice.google.com/ddm/fls/i/dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatm... Frame 4182 		744 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146;~oref=https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2
Requested by
Host: 9360814.fls.doubleclick.net
URL: https://9360814.fls.doubleclick.net/activityi;dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146;~oref=https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://9360814.fls.doubleclick.net/activityi;dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146?
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://9360814.fls.doubleclick.net/activityi;dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146?

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 19 Feb 2021 13:48:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
540
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
main_comp_recrop.mp4
cdn01.x-plarium.com/browser/content/landings/backgrounds/main_comp/ 		2 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn01.x-plarium.com/browser/content/landings/backgrounds/main_comp/main_comp_recrop.mp4
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:f5b:5e9:1832:1d32:106a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B85) /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=262144-

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
last-modified
Wed, 16 Oct 2019 09:33:01 GMT
server
ECS (amb/6B85)
age
87416
etag
"3539995970"
x-cache
HIT
content-type
video/mp4
Content-Range
bytes 262144-8075366/8075367
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
7813223
expires
Fri, 26 Feb 2021 13:48:36 GMT
1
mc.yandex.ru/watch/22851190/
Redirect Chain
  • https://mc.yandex.ru/watch/22851190?wmode=7&page-url=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publishe...
  • https://mc.yandex.ru/watch/22851190/1?wmode=7&page-url=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publis...
167 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/22851190/1?wmode=7&page-url=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&page-ref=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fdragon_fire_a_m_f038_rdoapp%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z33%3Afp%3A437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A1289231842605%3Ahid%3A889418546%3Az%3A60%3Ai%3A20210219144836%3Aet%3A1613742516%3Ac%3A1%3Arn%3A397596067%3Au%3A161374251649579841%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613742514976%3Ads%3A0%2C0%2C282%2C244%2C1%2C0%2C%2C266%2C14%2C%2C%2C%2C554%3Adsn%3A0%2C0%2C282%2C245%2C0%2C0%2C%2C26%2C14%2C%2C%2C%2C554%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613742516%3At%3ARAID%3A%20Shadow%20Legends
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:48:36 GMT
x-content-type-options
nosniff
last-modified
Fri, 19-Feb-2021 13:48:36 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://plarium.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Fri, 19-Feb-2021 13:48:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:48:36 GMT
last-modified
Fri, 19-Feb-2021 13:48:36 GMT
location
/watch/22851190/1?wmode=7&page-url=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&page-ref=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fdragon_fire_a_m_f038_rdoapp%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z33%3Afp%3A437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A1289231842605%3Ahid%3A889418546%3Az%3A60%3Ai%3A20210219144836%3Aet%3A1613742516%3Ac%3A1%3Arn%3A397596067%3Au%3A161374251649579841%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613742514976%3Ads%3A0%2C0%2C282%2C244%2C1%2C0%2C%2C266%2C14%2C%2C%2C%2C554%3Adsn%3A0%2C0%2C282%2C245%2C0%2C0%2C%2C26%2C14%2C%2C%2C%2C554%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613742516%3At%3ARAID%3A%20Shadow%20Legends
strict-transport-security
max-age=31536000
access-control-allow-origin
https://plarium.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 19-Feb-2021 13:48:36 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: plarium.com
URL: https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
last-modified
Mon, 15 Feb 2021 13:31:56 GMT
etag
"602bfd68-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 19 Feb 2021 14:48:36 GMT
/
collector.plarium.com/api/event/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://collector.plarium.com/api/event/
Protocol
H2
Server
104.16.21.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://plarium.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://plarium.com
vary
Origin
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
cf-request-id
085c25c0210000d89dd03d1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
624072469cf9d89d-CPH
/
collector.plarium.com/api/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://collector.plarium.com/api/event/
Requested by
Host: oldharper.xyz
URL: http://oldharper.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.21.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

date
Fri, 19 Feb 2021 13:48:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://plarium.com
access-control-allow-credentials
true
cf-ray
62407247af31d89d-CPH
content-length
0
cf-request-id
085c25c0c60000d89dd38fc000000001
dragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2
adservice.google.de/ddm/fls/i/dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatme... Frame 3405 		194 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146;~oref=https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146;~oref=https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146;~oref=https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/ddm/fls/i/dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146;~oref=https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://adservice.google.com/ddm/fls/i/dc_pre=CKW5nKuL9u4CFWpkFQgdmYMM7w;src=9360814;type=reg;cat=match0;match_id=685598797.1613742515;u2=685598797.1613742515;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=4182535337164.5146;~oref=https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 19 Feb 2021 13:48:36 GMT
expires
Fri, 19 Feb 2021 13:48:36 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
www.swixil.com/ Frame 8ABA 		670 B
871 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.swixil.com/?affid=9057&oid=null
Requested by
Host: oldharper.xyz
URL: http://oldharper.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/ Express
Resource Hash

Request headers

Host
www.swixil.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2

Response headers

Date
Fri, 19 Feb 2021 13:48:37 GMT
Connection
Keep-Alive
Cache-Control
max-age=25935500
Content-Encoding
gzip
Content-Length
448
Content-Type
text/html; charset=utf-8
Accept-Ranges
bytes
X-Powered-By
Express
ETag
W/"29e-TfFzYFHrzXCL/Pyc+Y56ZisQ9x4"
X-HW
1613742517.dop022.sk1.t,1613742517.cds063.sk1.shn,1613742517.dop022.sk1.t,1613742517.cds047.sk1.c
Access-Control-Allow-Origin
*
collect
www.google-analytics.com/ 		35 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=342851192&t=event&ni=1&_s=1&dl=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&ul=en-us&de=UTF-8&dt=RAID%3A%20Shadow%20Legends&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Down&ea=50&el=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&_u=SLCAAEABAAAAAC~&jid=&gjid=&cid=685598797.1613742515&tid=UA-121176567-1&_gid=484341663.1613742515&gtm=2wg2a15LK4K4N&cd2=685598797.1613742515&cd3=1613742516962&cd6=x64&cd7=&cd8=8&z=1498677436
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 05:19:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30522
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 8ABA 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.swixil.com
URL: https://www.swixil.com/?affid=9057&oid=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.swixil.com/?affid=9057&oid=null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
fViGv7Kr/Nwa/64Tn66ejUJLLmCqCHIbNRed89qYWT120XByU3SnKHeZ7sSTqI2fmCUVdWFQeZb5cmIlv7JYtw==
x-fb-trip-id
2052514463
x-frame-options
DENY
date
Fri, 19 Feb 2021 13:48:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
9057
connect.facebook.net/signals/config/ Frame 8ABA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/9057?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.swixil.com/?affid=9057&oid=null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
88w1SCvR4pt5skRdxmCxcwquQwrtE2Wz38YEW+wjChjiYxUr04cT2k8TEVAc8FRQkEYhDG6sWfh5cehOrJ7DTw==
x-fb-trip-id
2052514463
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 19 Feb 2021 13:48:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1275981882
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 8ABA 		44 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=9057&ev=PageView&dl=https%3A%2F%2Fwww.swixil.com%2F%3Faffid%3D9057%26oid%3Dnull&rl=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&if=true&ts=1613742517156&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=28&it=1613742517109&coo=false&rqm=GET
Requested by
Host: www.swixil.com
URL: https://www.swixil.com/?affid=9057&oid=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.swixil.com/?affid=9057&oid=null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:48:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 19 Feb 2021 13:48:37 GMT
collect
analytics.google.com/g/ 		0
44 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-5FNDF9DMY8&gtm=2oe2a1&_p=342851192&sr=1600x1200&ul=en-us&cid=685598797.1613742515&dl=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fcro%2Fdragon_fire_a_f038_fdb_rdoapp_test%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&dr=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fdragon_fire_a_m_f038_rdoapp%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&dt=RAID%3A%20Shadow%20Legends&sid=1613742515&sct=1&seg=1&_s=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5FNDF9DMY8&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://plarium.com/landings/de/desktop/raid/cro/dragon_fire_a_f038_fdb_rdoapp_test?plid=380266&pxl=admitad&publisherId=9057_t_raidde_9_null_60166-rprxe&admitad_uid=cf57d74b646e13a2ee060cebed6127e2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:48:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plarium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rubird.ru
URL
http://rubird.ru/rtb/nurl/1613739600000-205519?nodeId=1&blockId=51836
Domain
bat.bing.com
URL
https://bat.bing.com/bat.js
Domain
www.redditstatic.com
URL
https://www.redditstatic.com/ads/pixel.js
Domain
mhjfbmdgcfjbbpaeojofohoefgiehjai
URL
chrome-extension://mhjfbmdgcfjbbpaeojofohoefgiehjai/index.html
Domain
default.queit.in
URL
https://default.queit.in/api
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5FNDF9DMY8&cid=685598797.1613742515&gtm=2oe2a1&aip=1&z=1999515742
Domain
script.crazyegg.com
URL
https://script.crazyegg.com/pages/data-scripts/0088/1349.json?t=5379141
Domain
mbi-fchk.x-plarium.com
URL
https://mbi-fchk.x-plarium.com/api/crj?app=27&callback=1&adCampaign=380266&uid=null&usi=un-03cf5dc2-674c-4137-b2af-4c18aa9828ca
Domain
analytics.google.com
URL
https://analytics.google.com/g/collect?v=2&tid=G-5FNDF9DMY8&gtm=2oe2a1&_p=1947315509&sr=1600x1200&ul=en-us&cid=685598797.1613742515&_s=2&dl=https%3A%2F%2Fplarium.com%2Flandings%2Fde%2Fdesktop%2Fraid%2Fdragon_fire_a_m_f038_rdoapp%3Fplid%3D380266%26pxl%3Dadmitad%26publisherId%3D9057_t_raidde_9_null_60166-rprxe%26admitad_uid%3Dcf57d74b646e13a2ee060cebed6127e2&dr=&dt=RAID%3A%20Shadow%20Legends&sid=1613742515&sct=1&seg=0&en=scroll&_et=10&epn.percent_scrolled=90
Domain
mhjfbmdgcfjbbpaeojofohoefgiehjai
URL
chrome-extension://mhjfbmdgcfjbbpaeojofohoefgiehjai/index.html

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| uncl object| Affilates object| dotq function| obApi object| _tfa number| _zaVerSnippet object| _zaq function| _za_api object| YAHOO object| google_tag_manager object| google_optimize object| gaData object| google_tag_data string| GoogleAnalyticsObject function| ga object| uetq function| rdt boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| _dlo_rules_ga boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL object| gaplugins object| gaGlobal string| CE_USER_COMMON_SCRIPT_URL function| UET object| labels object| CE2BH function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| config function| onYouTubeIframeAPIReady object| PLP function| setImmediate function| clearImmediate object| regeneratorRuntime object| qa object| platform object| __SENTRY__ function| _ number| _zaVerWidget string| _fs_loaded function| _fs_shutdown function| gReCaptchaHandler function| handleCriteoCookie object| Ya object| yaCounter22851190

1 Cookies

Domain/Path Name / Value
.oldharper.xyz/ Name: __cfduid
Value: d4d989154918e956ed32cc22abd00bdcc1613742509

5 Console Messages

Source Level URL
Text
console-api warning URL: https://oldharper.xyz/index.5d05e12cb894a315af64.js(Line 1)
Message:
Error: no src_id or s_id
console-api debug URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/client.js(Line 2)
Message:
[initSentry] sentry is disabled, to force enable it, add force-enable-sentry to the URL
console-api info URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/client.js(Line 2)
Message:
[Desktop][automationLabels] key "form.loginLock.input.TwoFactorCode" not found
console-api info URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/client.js(Line 2)
Message:
[Desktop][automationLabels] key "form.loginLock.input.TwoFactorCode" not found
console-api info URL: https://cdn01.x-plarium.com/browser/canvas/pp.landings.edge/322/v3.0.0/common-desktop/client.js(Line 2)
Message:
[Desktop][automationLabels] key "form.loginLock.input.TwoFactorCode" not found

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9360814.fls.doubleclick.net
ad.admitad.com
adservice.google.com
adservice.google.de
alb.reddit.com
amplify.outbrain.com
analytics.google.com
bat.bing.com
cdn.taboola.com
cdn01.x-plarium.com
collector.plarium.com
connect.facebook.net
d221oziut8gs4d.cloudfront.net
d2xerlamkztbb1.cloudfront.net
default.queit.in
edge.fullstory.com
faysimplefa.xyz
fonts.googleapis.com
gum.criteo.com
hifucay.ru
mbi-fchk.x-plarium.com
mc.yandex.ru
mhjfbmdgcfjbbpaeojofohoefgiehjai
oldharper.xyz
placehold.it
plarium.com
rs.fullstory.com
rtb.trade
rubird.ru
s.yimg.com
script.crazyegg.com
static.queit.in
static.x-plarium.com
stats.g.doubleclick.net
stattrack.xyz
tr.outbrain.com
warning.notify.support
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.redditstatic.com
www.swixil.com
analytics.google.com
bat.bing.com
default.queit.in
mbi-fchk.x-plarium.com
mhjfbmdgcfjbbpaeojofohoefgiehjai
rubird.ru
script.crazyegg.com
www.google.de
www.redditstatic.com
104.16.20.18
104.16.21.18
13.32.23.6
138.68.113.179
142.250.185.134
151.101.113.140
151.101.13.44
184.72.189.105
207.182.134.18
212.224.118.36
23.218.209.87
2600:9000:211e:d600:1c:19e4:1d00:93a1
2606:2800:134:f5b:5e9:1832:1d32:106a
2606:4700:3034::6815:bec
2606:4700:3034::ac43:ab58
2606:4700:3035::ac43:941d
2606:4700:3036::6815:32f4
2606:4700::6813:9408
2606:4700::6813:ad44
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:802::2008
2a00:1450:4001:803::2008
2a00:1450:4001:803::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:400c:c00::9c
2a00:1450:400c:c07::9b
2a02:2638::1c
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.186.194.58
35.201.112.186
45.33.24.119
65.9.91.228
69.16.175.10
70.42.32.95
78.140.179.119
88.85.84.113
06748e97c8e3146494596e2cd6a85b7472e280a4a030135171b09878c0bc3a40
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
3468a29e644ee4e58f1d0a4c246cd4b1ce858863fe3a21a9ad7b56161cdc4d47
370ca77212d8922df15cf66968698b043a8c34b52fea16dd12348c3b25db7884
3aacdf7fba757dfe98d545bc3eeb311ef54751cf2606158f768cab02e0189843
3cb264f59a18856874af245e27ada9ef0b565848ee9ed4759a4fbf2697267058
42cb01b7a48de9187d113d1245775e13f4d9253a6f606288e5202c6ecb252119
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
697b7f9b5cda7d982ba5bd4786acfe6266ab3fd34331dc953442abb9fc51b667
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
83f317d1fcd47bd37d17eba891aad13465964a90c7151f9aeb6b531f0a40bf6a
869d4c10668a48ce60a0a18e113995e8b118069ac0440464361b465fb5bd4000
9ab14a07ad5f102504c8bcc921c76546aff10f898767705ae3f1ad8c37d1aa76
a2b63410bac3a6acef7616149f9795ed07263eaac8f7dbdc763357522d0fe052
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e80ddf3eef44b5e1eb4decb66700685245e47896a94e971bd8ea906c35d61d00
ee240dfda88816f00c7633b3bf00c2f032d16e3941d16494028506ce1541926e
f879c243ec5161d768bcbb8130570bcabd7367cf5e38947f5af0b0ab095fd00d
fac1f6c8c03ad83b951b1f919e63b661e74597bb2884bc8c0953d3c06783917a