tarotrealm1234.top Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tarotrealm1234.top/#ce
Effective URL:
https://tarotrealm1234.top/
Submission Tags: 0xscam
Submission: On May 14 via api (May 14th 2024, 1:30:50 pm UTC) from US — Scanned from NL

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 6 domains to perform 45 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is tarotrealm1234.top.
TLS certificate: Issued by GTS CA 1P5 on May 14th 2024. Valid for: 3 months.

This is the only time tarotrealm1234.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6812:c20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
45	10

8 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tarotrealm1234.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tarotrealm1234.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:c20 (United States)

ASN13335 (CLOUDFLARENET, US)

res.gamescdn.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icons.gamescdn.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f832868216e7fb2cf0ba53bbea8cc555.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	tarotrealm1234.top 1 redirects tarotrealm1234.top	143 KB
13	gamescdn.top res.gamescdn.top icons.gamescdn.top	11 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 f832868216e7fb2cf0ba53bbea8cc555.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 164	19 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205	171 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	255 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	100 KB
45	6

	Domain	Requested by
22	tarotrealm1234.top	1 redirects tarotrealm1234.top
12	icons.gamescdn.top
3	securepubads.g.doubleclick.net	tarotrealm1234.top securepubads.g.doubleclick.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	f832868216e7fb2cf0ba53bbea8cc555.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	res.gamescdn.top	tarotrealm1234.top
1	www.googletagmanager.com	tarotrealm1234.top
45	9

This site contains no links.

Subject Issuer	Validity	Valid
tarotrealm1234.top GTS CA 1P5	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
gamescdn.top GTS CA 1P5	`2024-05-13` - `2024-08-11`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://tarotrealm1234.top/
Frame ID: 4396D4818339DA67BFE826DAB2553E6F
Requests: 40 HTTP requests in this frame

Frame: https://tarotrealm1234.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Frame ID: 22721EA1F990BE11D7E5AE601D84B113
Requests: 3 HTTP requests in this frame

Frame: https://f832868216e7fb2cf0ba53bbea8cc555.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F1CD5868F813B249BBAE49EEFF6C04C2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF59EEAF411A9307FA862C08854D437A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play Free H5 Games On Mobile

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

96 %
HTTPS

67 %
IPv6

6
Domains

9
Subdomains

10
IPs

3
Countries

444 kB
Transfer

1341 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://tarotrealm1234.top/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://tarotrealm1234.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tarotrealm1234.top/ 9 KB
3 KB 280ms
98ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3265efe24e4a77db305f1198fc9f51d703d002ec2b2d80ebd303327d26e34b2d

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 883b3ea16ad466cc-AMS
content-encoding: br
content-type: text/html
date: Tue, 14 May 2024 13:30:45 GMT
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QHG9Y9Kv2zUyiaT2lGJ3e2NAVBgJVp82ZRgu1BMl3tLY2dkVF%2Br7I8F%2BqBg7v2pNFxfoQDW9Zl8dVu%2BIFugrZt5tp7KIkSB7FVwl9NM4AE1A1Trad8kwEBmISz32b5DkFUOzPeh34uIfrF5DmVNwPs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 jquery-weui.min.css
tarotrealm1234.top/css/ 55 KB
10 KB 99ms
97ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/css/jquery-weui.min.css
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4217d79c81940cb5c94fbcbc0ea862f63ceea169b26cebd2819fd6e8016ff398

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64c74f70-dae0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vdarM8edvZybJdWgHEtOpkSAasWShDnBTsNxlSCMZ6sgkIsk1R67yNuelSUjkiqT4xG0bvdWojMRO68EwKfU0B9HliyNuRnzWpR%2BswleQZkWf2BWdL5v5nvdz%2B9jP6IvuPGwNT%2FsBCNO%2FtojbR1Jp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 883b3ea22b9b66cc-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 weui.min.css
tarotrealm1234.top/css/ 50 KB
13 KB 92ms
91ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/css/weui.min.css
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd0e864bd7605658db1930286ef3ade510f8e61bacf8300b2e55ebd652cf6015

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64c74f70-c759"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j5m4UZvnWeg7wom9Txy1SZ8m3SE9O%2BjQC1%2BLs%2BcuaW%2FHCswLWqAiRZanuC03hH2kNlIaLgSFlaVgtQrCDWkqm17fYRwpoIHxLwfWy3jyUmTQRFAhrx5JnXTun1bjuQ5QK34WMp%2BzR7Q4PW%2FRNyrvzQk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 883b3ea22b9e66cc-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
tarotrealm1234.top/css/ 8 KB
2 KB 100ms
99ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/css/style.css
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5787d6c2f17c3ec068f737a56d6a627005405a03f75cf7d815614f452caaff3b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=9538
etag: W/"64c74f70-2542"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6VLFD9CmywvnKwawYQEBpMugenQes0Fk2CPovpuPxNPZXjblvzqxTYqoL7X4FD4sA33xgStPCma9BlYrLvk8rXn3A9eexsdZXX0lRr4lQndnjB83m0WILvKfvCCMrDY7sQiSJeJgMHtrx7r4Q8b62Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 883b3ea22ba166cc-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 self.css
tarotrealm1234.top/css/ 48 KB
11 KB 97ms
95ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/css/self.css
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 285ff45ad0049856ce1bdd69f0a8db152a008cf5a961bc79c1458e00125f2db4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=67828
etag: W/"64c74f70-108f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ciO%2B%2BxinENVHKECXkNqtnbKfcDr03rTWIqine%2BdvB9eBy7l2aZqH3ojlgYCI6%2Bl0AlwPsh53MhCd7ruo6BhN8dus9MRUbyCcnpZjDI5qE4t3XNygFHuiJhkGWgXSDLuisl08CIS9WM%2Bn4ukUthgbPDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 883b3ea22ba266cc-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 iconfont.css
tarotrealm1234.top/css/ 553 B
603 B 86ms
85ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/css/iconfont.css
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f116dab807b0851d1ed064614bb23ccb0ae6eca2ffe0e55772338f74523e6d04

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=688
etag: W/"64c74f70-2b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dYzhavvMCO0RFaVb6d2hBPp0rKcGbGtSPNg6jwM%2BZOCL5qv4YJj6F04Q8aPqvckGdQf5LKZQQ2UhBhDqJpOibz7sGrCfxAe4Ar1CxCviqJ%2B26KEI1OdSW7bcaicfw5Lq4Zxfp%2FVhrz7domzn0Y1Fkow%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 883b3ea22ba466cc-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 user.png
tarotrealm1234.top/img/ 2 KB
3 KB 102ms
102ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tarotrealm1234.top/img/user.png
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fbdb9d1a1daa9faca9b73f546f74b2fca002f4c9953b81b20b2a9b9b8e243e3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
cf-cache-status: HIT
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64c74f70-92b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WDPnk1PkEcenBoqexTZ%2Fnr6PkiEofiDwx3inkLFk1WOOFww30v9rR4UgLZD%2FPO6BXjyrFyHuebUJgy2nyJenFK2mXMgvLoJXC0rU25WxP2xtSgyN0pH%2BHWyY68NLQ1x7CLOEqR%2FTRszGTVaVXUPjQSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 883b3ea22ba566cc-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2347

GET
H2 200 rocket-loader.min.js Show response
tarotrealm1234.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 35ms
34ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tarotrealm1234.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 May 2024 09:31:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663b4689-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yin5nuKjCAYUuPl5G9KQ1uHufA81904RXLhY50qd1XG9VvMcu6aB43g7m9habMpqE01w2AHguorDODL4ZRw95IEvlbOSOF1g2zUBf0o7av7Rafxo4vaItLc0jirDgg6OOXubIBf%2FYgxcH0VRUZfIjAs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 883b3ea25bd366cc-AMS
expires: Thu, 16 May 2024 13:30:45 GMT

GET
H3 200 com.js Show response
tarotrealm1234.top/js/ 3 KB
1 KB 69ms
68ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/js/com.js
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b15dea29ad4c7f233a7c222d09642baf47a53e1bd45b10bdb8c0a1ce8cdccad8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3739
etag: W/"64c74f70-e9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9Rr6WCnizKPa9y0XtVerHiy6KYqNlm%2FYMss1w4Z5zA5Sj%2FaOGdeTD6OZx2%2FjvrQbPCaCeLLcHWUfRnTkQ%2FEYXOenYDBcR0E%2Fw43BtwsYsBi9uKy%2FkhH%2F2PRCrDoTft6NcCc5OA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 883b3ea32dce1c83-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-weui.min.js Show response
tarotrealm1234.top/js/ 82 KB
27 KB 71ms
69ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/js/jquery-weui.min.js
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e2eb7b59160dd9dd95bf0c53e468238eeeb4c79683494e7c7145489a9168908

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64c74f70-14960"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J3UIGFvjVhm7pf5n0vVyHu67lUNw8No3RltSo5r%2BSV6e4f%2FPQ4OatT%2BxQAa46uKJosHYR316cjm0g8FVaFJpwDfTSh8LbRuc0YfQrL8YFmVuGydGIDCfn73VJ2GUkiOhFQqpa5I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 883b3ea32dd21c83-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 fastclick.js Show response
tarotrealm1234.top/js/ 11 KB
3 KB 62ms
60ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/js/fastclick.js
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe6546296a0a64c38f102a952b0e3d2cef6f8b99dc4f162dbb2b8baad21b190

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=25965
etag: W/"64c74f70-656d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=liWoL%2BsKepFkq2lYqf2Ydpc6JlwcuLMxPhKoHMfeon9qh%2Fgl5nlC2WJTNKVo0ipVQVsTtcpx%2B%2B11zZppgH7vumMojpzwFGgsdFcYOndQaS9YMJGvy2hvoVei0gnXWh%2BHKxJs6W8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 883b3ea32dd41c83-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 lazyload.js Show response
tarotrealm1234.top/js/ 2 KB
1 KB 59ms
57ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/js/lazyload.js
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb9508653d70ae0f8e96ee607b63ef139875c6ecd05c271f875ef5cd118532d5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2210
etag: W/"64c74f70-8a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvHnWVcI3gxKmxcy0s9wlC6Ii9N0YiD4gvB%2FxlSJq1hGNTZllOfOaQENLF7J34%2F%2BrLwXxUaVi2k0Hx5vSqzsbglhDGVzUkrs3%2BIZvxUI2v9149VbHx%2BcXLjQAn%2FzORZEMEhSSyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 883b3ea32dd71c83-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-2.1.4.js Show response
tarotrealm1234.top/js/ 130 KB
40 KB 96ms
95ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/js/jquery-2.1.4.js
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a0861fa13e6a868eb064425a54c16ee63bbda6ad442c36de2fa934e461c3c6a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=247597
etag: W/"64c74f70-3c72d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IucT0LT1EJxSy4ePw2w432NPndGlYNY9Wb1%2Fe4785HbGpeBaJDfhABhZXy4DYaHjVHSDZ4XS%2FIkVWEq9f8u7jDVZPj8vhd9%2BEYs%2F85fDzeASAcz%2FLhhyT5K0bNbVnNpPyJ89tFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 883b3ea32dd81c83-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 94 KB
29 KB 135ms
84ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

de78b974057b018d5d3fb515819f7b0297f3c874f062db59a1882b37c3b90492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29994
x-xss-protection: 0
server: cafe
etag: 679 / 19857 / m202405080101 / config-hash: 9438254492747867792
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 14 May 2024 13:30:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
100 KB 110ms
56ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D5KZSV1VCB

Requested by

Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f322d34038d472d7212ff714438474b59392eccb3ce95789bc0271900a2e607f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102282
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 May 2024 13:30:45 GMT

GET
H3

200

main.js Show response
tarotrealm1234.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/ Frame 2272
Redirect Chain

https://tarotrealm1234.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://tarotrealm1234.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

8 KB
4 KB

70ms
70ms

Script
application/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tarotrealm1234.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

944317a1bf7c4ade4ead859f33f9e005b8e0bfc05075799786a87a60a2b0eea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ydtFt%2Bro%2Br62YEbqYVjpW8ggs6ycOBYBlsn6ZJs%2FhFP3ddBVo%2Bpb2q5rzhHwiVYB5y1dJqARP4Z7La9t3YoJGuPtF78H6%2FK5zBC1ruA25HyghVJkcocquB5jptKgcttDsUrVUaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 883b3ea37e1b1c83-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 14 May 2024 13:30:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEjLTEVJzIaRU4e0VAvkRuAdoV60FAQYIdgHkmj9Mj1Xo10hKlEX3Qi4GudEfEBPIjROQjgGTXRzGI9UldHaz1uokjF3TWaWqwXR%2BEFakgrQkrXlxGeGbpZj1nx8sXX68VERK9c%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 883b3ea32ddc1c83-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 favicon.ico
tarotrealm1234.top/ 8 KB
8 KB 98ms
96ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f05490fcc6a6c26a819b8df6bcc729e38270270dc28528a2147764e9900aeb1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64c74f70-1fae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WU6HtUfGjF5UZ0Bckaix%2FLCttUVHBhvyuSFKuSbkJgnu9q3SrwihnpBrHJ2u8mp8q%2BBNHRzOHfbb04AROw7Nq2COORhtjYRwu48NpA57dC0%2F3BxPUlvNohb9zpDX8TgjcGI%2F5XA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=31536000
cf-ray: 883b3ea34df31c83-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 header.html Show response
tarotrealm1234.top/ 2 KB
989 B 58ms
55ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/header.html
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/js/jquery-2.1.4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bced559070a3843c7d68869ed5fa95215cb6fde0dfa295dd669372978c34860

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: text/html, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NURNIORc%2BBVHSO1H%2F0xYLGLeGhA8AV%2FtznsW757MZKhdfIq1gvr83Ug4n74lEnu6Rp2rp%2BmpMZ4WBgh4eTgWq0nO28VrhozjFDXfmax6OfdaqdQgTHu0WdmGUCzFeksXSzxeHQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 883b3ea40e781c83-AMS
alt-svc: h3=":443"; ma=86400

POST
H3 200 883b3ea16ad466cc Show response
tarotrealm1234.top/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2272 0
595 B 45ms
42ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/cdn-cgi/challenge-platform/h/g/jsd/r/883b3ea16ad466cc
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8REbMdGSBdmXjM8eJEKzORoTDNNiSP8indyGAuo1ClnnBoIJvaBacNsehabcFIXEKjzD2nE4DM42lJJIbQ3GIFf%2BFuAhx8JuwI1RJHhqXaP1%2BHhcwUeC7ggbiCgQrKFok2rGfhM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 883b3ea47ef81c83-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 883b3ea16ad466cc Show response
tarotrealm1234.top/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2272 0
603 B 48ms
47ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/cdn-cgi/challenge-platform/h/g/jsd/r/883b3ea16ad466cc
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wa2S0tAjfJgAEKF5t3HLRLrZtSvYTxKfD8LbDBFYg%2FrWQpTEkn%2FwWFY53UfGmSUQ0UOEAsVmizc9gcWZ7hjMS6yGTZDpQtXWdsOritWH%2BC2F2vyPhvbw%2FBX%2FbV1y5eY23XEgO8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 883b3ea52f8f1c83-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 h5gg_categoryList.json Show response
res.gamescdn.top/js/H5/ 1 KB
648 B 266ms
157ms XHR
application/json 2606:4700::6812:c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.gamescdn.top/js/H5/h5gg_categoryList.json
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/js/jquery-2.1.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f889bcd347f828bf0e91d26082280052a5c38268f145676cd015338f086c8665

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/javascript, */*; q=0.01
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 02:01:32 GMT
server: cloudflare
etag: W/"654c3d7c-499"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 883b3ea5fa511cae-AMS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 14 May 2025 13:30:46 GMT

GET
H3 200 logo.png
tarotrealm1234.top/img/ 4 KB
4 KB 69ms
68ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tarotrealm1234.top/img/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27bd6bb90eef3184a28d2ec4c0f91d88fcd6d369ba8c7d8984788f7473480947

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:45 GMT
cf-cache-status: HIT
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64c74f70-f8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBP3wmnl1rKl278y7Ly1EViL%2FwboW8SEHfjNOnk2zwfnHFXogNnfXDRhtbcD9LZrJyz5tHioam%2F0o0f8r%2FdGpVm%2BdhevHtsEnHqZLvnLFkwQ9DzR%2BtkZ6GlR4HfXyRC1yxMdaO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 883b3ea54f9e1c83-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3979

GET
H3 200 classification_ic.png
tarotrealm1234.top/img/ 1 KB
2 KB 69ms
69ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tarotrealm1234.top/img/classification_ic.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f9d860d8faa07f79ae7a134334f830736899a3a04e29fe795a1f70d3f19e1ae

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
cf-cache-status: HIT
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64c74f70-5e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2J4rLBtGhySoHBiUwn6aBhblMGnIhdi2%2Fr5%2B4PT2Pb8oJ%2BYoY1MFWBiO7%2BhrFMlcw%2FaOzQh3NmxBDFy%2Bq8y%2FKahB2MtOOErYnZCVvRVIPfySPDCKxNYWiv3CE%2FBYfxYiTclJnQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 883b3ea54fa11c83-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1504

GET
H3 200 iconfont.woff2
tarotrealm1234.top/font/ 1 KB
1 KB 84ms
84ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tarotrealm1234.top/font/iconfont.woff2?t=1675872004004
Requested by: Host: tarotrealm1234.top
URL: https://tarotrealm1234.top/css/iconfont.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c1c288a0340f9a2b10517d1eece34605ff15ceb0ac8fe3e48d9ad6d9bd7712

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tarotrealm1234.top/css/iconfont.css
Origin: https://tarotrealm1234.top
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
cf-cache-status: HIT
last-modified: Mon, 31 Jul 2023 06:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64c74f70-414"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iE1Ez8hlifaRTpNi0%2FdMspXioyFaSYjRzCp6mwNSDDWHvXMXL%2FYCWpcU8yws0tZnSVrw5qAAru6vE2rLV%2BXfMMTOYVYvyqsS5TdieUb4XVTfD8MLgo%2FEi1NIMmnIWPlKy7e3YMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 883b3ea56fda1c83-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1044

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/ 453 KB
142 KB 46ms
46ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

84d39219097d5843cfbeb6d6f0efd56a801a083ed76c64cd6d210b282051e2a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 11:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5833
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144939
x-xss-protection: 0
server: cafe
etag: 1759730024324250755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 14 May 2025 11:53:32 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 146 B
97 B 141ms
58ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tarotrealm1234.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1f49490a40239039d9eb89cd532c0a85ab499578d1ad12b6b5b405395c74be91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72
x-xss-protection: 0
expires: Tue, 14 May 2024 13:30:46 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 472ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D5KZSV1VCB&gtm=45je45d0v9137298308za200&_p=1715693445615&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=172738698.1715693446&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715693446&sct=1&seg=0&dl=https%3A%2F%2Ftarotrealm1234.top%2F&dt=Play%20Free%20H5%20Games%20On%20Mobile&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=873
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D5KZSV1VCB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 13:30:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tarotrealm1234.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 380ms
70ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405080101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5a0ff3e76e049b1262631cb0e1d7c424ef8ffb73745d90ad0acc291f4e9c2853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12260
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 651 B
338 B 367ms
64ms Fetch
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4087567217993041&correlator=1501926535969504&eid=31083556%2C31083362&output=ldjh&gdfp_req=1&vrg=202405080101&ptt=17&impl=fif&ltd_cs=1&iu_parts=22839306403%2Ctarotrealm1234.top-B%2Ctarotrealm1234.top-300x250-01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1715693446167&lmt=1690783600&adxs=650&adys=83&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Ftarotrealm1234.top%2F%23ce&vis=1&psz=1600x269&msz=1600x250&fws=4&ohw=1600&dlt=1715693445452&idt=697&adks=513770831&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

167b28e8b6a7976c9d02be0786b0361c2e5a7a131cc713efe1f46ee2aae543d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tarotrealm1234.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f832868216e7fb2cf0ba53bbea8cc555.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F1CD 0
0 169ms
36ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f832868216e7fb2cf0ba53bbea8cc555.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 May 2024 13:30:46 GMT
expires: Wed, 14 May 2025 13:30:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 racing.svg
icons.gamescdn.top/ 2 KB
878 B 304ms
43ms Image
image/svg+xml 2606:4700::6812:c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/racing.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dcaeddd646fbacc2222460871c640fd6aaf14665e48707b9c7d0175c93b13b6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 4308
etag: W/"63ece745-60c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 883b3ea88ea4b920-AMS
expires: Wed, 14 May 2025 13:30:46 GMT

GET
H2 200 adventure.svg
icons.gamescdn.top/ 2 KB
935 B 286ms
26ms Image
image/svg+xml 2606:4700::6812:c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/adventure.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d56ce5752058dde7c00854a674e5c488d5d63a890628516d4e6361ab62978b3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 5503
etag: W/"63ece745-62e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 883b3ea88e9cb920-AMS
expires: Wed, 14 May 2025 13:30:46 GMT

GET
H2 200 puzzle.svg
icons.gamescdn.top/ 1 KB
786 B 287ms
27ms Image
image/svg+xml 2606:4700::6812:c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/puzzle.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 651ed70430e4737f1f0e1a434885775eff39dd4c2ca12aabfef27c8420d57118

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 3182
etag: W/"63ece745-5da"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 883b3ea88ea0b920-AMS
expires: Wed, 14 May 2025 13:30:46 GMT

GET
H2 200 io.svg
icons.gamescdn.top/ 2 KB
1 KB 304ms
44ms Image
image/svg+xml 2606:4700::6812:c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/io.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc2ad712debd9c019efda480f1cfb969ddaeb712ac30ae24d2370f8f19f6b294

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 4634
etag: W/"63ece745-9f1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 883b3ea88e9eb920-AMS
expires: Wed, 14 May 2025 13:30:46 GMT

GET
H2 200 shooting.svg
icons.gamescdn.top/ 2 KB
888 B 301ms
41ms Image
image/svg+xml 2606:4700::6812:c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/shooting.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6d62afefb8b82d4dc908c6ae42f243484be1f61a6edda9861264531fed55be

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 1786
etag: W/"63ece745-745"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 883b3ea88ea2b920-AMS
expires: Wed, 14 May 2025 13:30:46 GMT

GET
H2 200 sports.svg
icons.gamescdn.top/ 3 KB
1 KB 302ms
42ms Image
image/svg+xml 2606:4700::6812:c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/sports.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d081e4aa3520cc8903f079179fd1cde836653ba5a0dc8473db515489d3183d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 5503
etag: W/"63ece745-a3d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 883b3ea88ea1b920-AMS
expires: Wed, 14 May 2025 13:30:46 GMT

GET
H2 200 3d.svg
icons.gamescdn.top/ 1 KB
671 B 32ms
31ms Image
image/svg+xml 2606:4700::6812:c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/3d.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eedc9e0acd9e8ed4e0f00c0605acf6f05a1bfb9b856454f8ce18dd00dc56cd81

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 5503
etag: W/"63ece745-5e3"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 883b3ea8aec6b920-AMS
expires: Wed, 14 May 2025 13:30:46 GMT

GET
H2 200 arcade.svg
icons.gamescdn.top/ 2 KB
856 B 34ms
34ms Image
image/svg+xml 2606:4700::6812:c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/arcade.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b972da1f9da0a7237139330c766844fb6b62defe8795c06e8549842aaa0d67e6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 3938
etag: W/"63ece745-76f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 883b3ea8aec8b920-AMS
expires: Wed, 14 May 2025 13:30:46 GMT

GET
H2 200 action.svg
icons.gamescdn.top/ 2 KB
894 B 44ms
44ms Image
image/svg+xml 2606:4700::6812:c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/action.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e48674b241f95ad53f6658a3f4250964ad6d79634b4143c27776e2d111990e93

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 5240
etag: W/"63ece745-8ad"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 883b3ea8aecab920-AMS
expires: Wed, 14 May 2025 13:30:46 GMT

GET
H2 200 casual.svg
icons.gamescdn.top/ 1 KB
727 B 30ms
30ms Image
image/svg+xml 2606:4700::6812:c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/casual.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a45780e45a6bd202925017e88874504340d358954255f856b9dda2d1b91a76a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 5109
etag: W/"63ece745-5d6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 883b3ea8aeccb920-AMS
expires: Wed, 14 May 2025 13:30:46 GMT

GET
H2 200 Hypercasual.svg
icons.gamescdn.top/ 1 KB
713 B 33ms
33ms Image
image/svg+xml 2606:4700::6812:c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/Hypercasual.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a45780e45a6bd202925017e88874504340d358954255f856b9dda2d1b91a76a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 3532
etag: W/"63ece745-5d6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 883b3ea8aecfb920-AMS
expires: Wed, 14 May 2025 13:30:46 GMT

GET
H2 200 simulation.svg
icons.gamescdn.top/ 2 KB
836 B 28ms
28ms Image
image/svg+xml 2606:4700::6812:c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/simulation.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24dfab1d88ba045dc69c5f7b8ab2d9c68bf7ddfa1b79035ed6df440289238342

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 5503
etag: W/"63ece745-814"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 883b3ea8aed0b920-AMS
expires: Wed, 14 May 2025 13:30:46 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 92ms
30ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 May 2024 13:30:46 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF59 0
0 55ms
20ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 4198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 May 2024 12:20:48 GMT
expires: Wed, 14 May 2025 12:20:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405080101&jk=4087567217993041&bg=!AgGlAU7NAAbZcyKb-XM7ADQBe5WfOApY8PxI5_i2ZTW9kTvFqrDcjYnufGW1oZ45gnBWXJbB5Pj8CnBVcWiz6BIeD0TOAgAAAGBSAAAAAmgBB34ANYJGqmV57cZdzPgqSSpWp2yd3t1BTYpuQRTY-_ltjnANw28cDxpAgvpNNcqP5Vnq5Pnh0OKACgC1nUjtTlTev95nYUODA5BNvSe3F8y-lmC6tffewvCJJUPMnKuKXqvHKrZRV6FPJAzY--iGmA_4dNEXG_ngCDni2Wd1hkU6Z9NcX49aFMBdHxqUgAsD3DZgCJp1BPs9RXUvjGYf_n6vSPp-N2EAFVsyETVMAueozsWvAqDKiiVEJBsoF-uBnu1KquuHDcu_r2rOnp_g0R0gPuwoG0DibqvLbK5GEpyv43eFkIAw6jDuPIE8anxxkpkCkmuNws2uztBVc00cuCisDAjIGXk6T84F6ZvgNLFobwUDZpKXbnyBJVKCM76eWSZ7Hvx2U1khD-iKmm8tI_AuUglBivkTqJX_JtfTB_eWLWlxYGIx2Xrr2ndeYXyi97TJHx01bC-YwRhb8a1mJgPKsBzWwUioMOAJEnkBRxoua6Dgvmn1Usa2fOnByfy2LkkvWHHaUW118BXzliiddRzoFEPDyCZCO9x7FZxEnOEE0YpfXrlHMG0p8SNTtA0bmIZGgRj9TrIDh5NfdCfT5T7xdJJH2JT1Kbp_6-desppeIB3c-nCA0gr_cp2X4OxDCPSIfVikOlSqVrRCuPyquzW8vhN_2eHRfKPabuOVgjKG1fMFXNjY0tLzEJzsTzBJA8BRYIDJ3_YjQyJ9GfdbCBVZmdOeuz7DAVP7erv2c5chahe81KMXsJXgkBd17q-x05rZeYagfvobAd87HRHvMp2LY4n9tDMzFIK6o_Utmq_vwqw8OEu0OcRJb4f-IkSrBPlKbEZ5FBi93e16ZXwVq6HqA6tUCV-dYLQn5U8QMzBGOWb2xynl3WyY-O333MogfyefnYPvuHjyUKQKsAObMYX6-zCm7T1oIdV6Eb9yoC9fv8GwH-kXbp0msF0Iil17kt9en9Mbm2zNzrSpSB0F-1drH_t0feQ0O5a_D9T8ujvrBh3gUExSuLRgpoG3FlcAUtd6D7HDXb-dd4nVfO2qxLAEzbYM-jDfTcWqKXHtvJ2YZnmzmm70vdqepCndkds0-VlDSWZpS4HV2nWwrAUidsZGRDEloT9_AyeGmZCUYTurfq-noucYCNfDPgsRvDXQ3hx4XSsow50XrXU2aPTgEywtVQqik2nemzIorulgpmG-7-C1fTo

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tarotrealm1234.top/	1970-01-21 05:20:29	Name: cf_clearance Value: HmhI5xxBklLV7EY_nh3Dk0ewdp4vnsHKSmZP6r4M3N4-1715693445-1.0.1.1-RTeZOdAGyzYHH4_mHFUteacrZZvAM_QTzMEou.AHgtZpVM1NxPVR7WVDl0.8omF_7rxJxVivd0B3xtGcOMRMlg
.tarotrealm1234.top/	1970-01-21 06:10:53	Name: _ga Value: GA1.1.172738698.1715693446
.tarotrealm1234.top/	1970-01-21 06:10:53	Name: _ga_D5KZSV1VCB Value: GS1.1.1715693446.1.0.1715693446.0.0.0
.tarotrealm1234.top/	1970-01-21 00:54:05	Name: __eoi Value: ID=3862b22e7c8d9e5e:T=1715693446:RT=1715693446:S=AA-AfjbmirMf9WTWH_zeevNbWVGn

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

f832868216e7fb2cf0ba53bbea8cc555.safeframe.googlesyndication.com
icons.gamescdn.top
pagead2.googlesyndication.com
region1.google-analytics.com
res.gamescdn.top
securepubads.g.doubleclick.net
tarotrealm1234.top
tpc.googlesyndication.com
www.googletagmanager.com
pagead2.googlesyndication.com
142.250.185.194
142.250.186.66
188.114.96.3
2001:4860:4802:34::36
2606:4700::6812:c20
2a00:1450:4001:811::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2001
2a06:98c1:3121::3
167b28e8b6a7976c9d02be0786b0361c2e5a7a131cc713efe1f46ee2aae543d2
1a45780e45a6bd202925017e88874504340d358954255f856b9dda2d1b91a76a
1e2eb7b59160dd9dd95bf0c53e468238eeeb4c79683494e7c7145489a9168908
1f49490a40239039d9eb89cd532c0a85ab499578d1ad12b6b5b405395c74be91
24dfab1d88ba045dc69c5f7b8ab2d9c68bf7ddfa1b79035ed6df440289238342
27bd6bb90eef3184a28d2ec4c0f91d88fcd6d369ba8c7d8984788f7473480947
285ff45ad0049856ce1bdd69f0a8db152a008cf5a961bc79c1458e00125f2db4
3265efe24e4a77db305f1198fc9f51d703d002ec2b2d80ebd303327d26e34b2d
3a0861fa13e6a868eb064425a54c16ee63bbda6ad442c36de2fa934e461c3c6a
3d56ce5752058dde7c00854a674e5c488d5d63a890628516d4e6361ab62978b3
3fe6546296a0a64c38f102a952b0e3d2cef6f8b99dc4f162dbb2b8baad21b190
4217d79c81940cb5c94fbcbc0ea862f63ceea169b26cebd2819fd6e8016ff398
4dcaeddd646fbacc2222460871c640fd6aaf14665e48707b9c7d0175c93b13b6
5787d6c2f17c3ec068f737a56d6a627005405a03f75cf7d815614f452caaff3b
5a0ff3e76e049b1262631cb0e1d7c424ef8ffb73745d90ad0acc291f4e9c2853
5f9d860d8faa07f79ae7a134334f830736899a3a04e29fe795a1f70d3f19e1ae
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
651ed70430e4737f1f0e1a434885775eff39dd4c2ca12aabfef27c8420d57118
7bced559070a3843c7d68869ed5fa95215cb6fde0dfa295dd669372978c34860
7fbdb9d1a1daa9faca9b73f546f74b2fca002f4c9953b81b20b2a9b9b8e243e3
84d39219097d5843cfbeb6d6f0efd56a801a083ed76c64cd6d210b282051e2a5
944317a1bf7c4ade4ead859f33f9e005b8e0bfc05075799786a87a60a2b0eea0
9f05490fcc6a6c26a819b8df6bcc729e38270270dc28528a2147764e9900aeb1
ab6d62afefb8b82d4dc908c6ae42f243484be1f61a6edda9861264531fed55be
b15dea29ad4c7f233a7c222d09642baf47a53e1bd45b10bdb8c0a1ce8cdccad8
b972da1f9da0a7237139330c766844fb6b62defe8795c06e8549842aaa0d67e6
c5d081e4aa3520cc8903f079179fd1cde836653ba5a0dc8473db515489d3183d
cb9508653d70ae0f8e96ee607b63ef139875c6ecd05c271f875ef5cd118532d5
cc2ad712debd9c019efda480f1cfb969ddaeb712ac30ae24d2370f8f19f6b294
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
dd0e864bd7605658db1930286ef3ade510f8e61bacf8300b2e55ebd652cf6015
de78b974057b018d5d3fb515819f7b0297f3c874f062db59a1882b37c3b90492
e2c1c288a0340f9a2b10517d1eece34605ff15ceb0ac8fe3e48d9ad6d9bd7712
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48674b241f95ad53f6658a3f4250964ad6d79634b4143c27776e2d111990e93
eedc9e0acd9e8ed4e0f00c0605acf6f05a1bfb9b856454f8ce18dd00dc56cd81
f116dab807b0851d1ed064614bb23ccb0ae6eca2ffe0e55772338f74523e6d04
f322d34038d472d7212ff714438474b59392eccb3ce95789bc0271900a2e607f
f889bcd347f828bf0e91d26082280052a5c38268f145676cd015338f086c8665

tarotrealm1234.top Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

96 %HTTPS

67 %IPv6

6 Domains

9 Subdomains

10 IPs

3 Countries

444 kBTransfer

1341 kBSize

4 Cookies

0 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tarotrealm1234.top Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

96 %
HTTPS

67 %
IPv6

6
Domains

9
Subdomains

10
IPs

3
Countries

444 kB
Transfer

1341 kB
Size

4
Cookies

45 HTTP transactions
0 data transactions