URL: https://www.realmoney.games/
Submission: On December 29 via automatic, source certstream-suspicious

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3037::ac43:963d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.realmoney.games.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 14th 2020. Valid for: a year.
This is the only time www.realmoney.games was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
7 www.realmoney.games www.realmoney.games
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 pagead2.googlesyndication.com www.realmoney.games
pagead2.googlesyndication.com
5 fonts.gstatic.com www.realmoney.games
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www8.afsanalytics.com code.afsanalytics.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 code.afsanalytics.com www.realmoney.games
31 11
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-14 -
2021-10-13
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.afsanalytics.com
AlphaSSL CA - SHA256 - G2
2020-09-06 -
2021-10-08
a year crt.sh
*.googleadservices.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.google.de
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.realmoney.games/
Frame ID: 5F558D520D87EC8FE9A0519D1D399ED2
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 4DEF207BEA567E3FFAC1082F3D403660
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3219119965238567&output=html&adk=1812271804&adf=3025194257&lmt=1609224776&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.realmoney.games%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609224776688&bpp=14&bdt=1836&idt=93&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6577949485077&frm=20&pv=2&ga_vid=2028300041.1609224777&ga_sid=1609224777&ga_hid=1778550975&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068945&oid=3&pvsid=2469702129158597&pem=740&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=112
Frame ID: E55613DFFE0A9A11CCD535B94B9FD95F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3219119965238567&output=html&h=280&adk=3665117442&adf=1623955786&pi=t.aa~a.1219198433~i.8~rp.4&w=970&fwrn=4&fwrnh=100&lmt=1609224777&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6759260099&psa=0&ad_type=text_image&format=970x280&url=https%3A%2F%2Fwww.realmoney.games%2F&flash=0&fwr=0&pra=3&rh=200&rw=970&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609224777193&bpp=3&bdt=2341&idt=-M&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4907f9491de621fb-22a365f391a600c8%3AT%3D1609224776%3ART%3D1609224776%3AS%3DALNI_MYzEKeftD-0czAOga66bdBXLKqSAw&prev_fmts=0x0&nras=2&correlator=6577949485077&frm=20&pv=1&ga_vid=2028300041.1609224777&ga_sid=1609224777&ga_hid=1778550975&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068945&oid=3&pvsid=2469702129158597&pem=740&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=9UUOnx3nIC&p=https%3A//www.realmoney.games&dtd=31
Frame ID: 2032FDA10080A39D0A687C9C9002D509
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3219119965238567&output=html&h=280&adk=3665117442&adf=4242673422&pi=t.aa~a.1219198433~i.9~rp.4&w=970&fwrn=4&fwrnh=100&lmt=1609224777&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6759260099&psa=0&ad_type=text_image&format=970x280&url=https%3A%2F%2Fwww.realmoney.games%2F&flash=0&fwr=0&pra=3&rh=200&rw=970&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609224777193&bpp=1&bdt=2342&idt=1&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4907f9491de621fb-22a365f391a600c8%3AT%3D1609224776%3ART%3D1609224776%3AS%3DALNI_MYzEKeftD-0czAOga66bdBXLKqSAw&prev_fmts=0x0%2C970x280&nras=3&correlator=6577949485077&frm=20&pv=1&ga_vid=2028300041.1609224777&ga_sid=1609224777&ga_hid=1778550975&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068945&oid=3&pvsid=2469702129158597&pem=740&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=HtZfFytvmh&p=https%3A//www.realmoney.games&dtd=36
Frame ID: 064351F8AF00B2AF4C46B447C0975BBC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
Frame ID: 691B95F11EDB3A943F3E7C95F364027E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 546C19BFE9F4F52749993B66965949FA
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • script /react.*\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

31
Requests

97 %
HTTPS

67 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

1070 kB
Transfer

3439 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.realmoney.games/
154 KB
31 KB
Document
General
Full URL
https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:963d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
927f955ddef0fbb16ab28775e548b757f6f57863177a3843d4125305816b8691

Request headers

:method
GET
:authority
www.realmoney.games
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:52:54 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d213df33d1c410b77988f05c4504fac8a1609224773; expires=Thu, 28-Jan-21 06:52:53 GMT; path=/; domain=.realmoney.games; HttpOnly; SameSite=Lax; Secure cookielawinfo-checkbox-necessary=yes; expires=Tue, 29-Dec-2020 07:52:42 GMT; Max-Age=3600; path=/ cookielawinfo-checkbox-non-necessary=yes; expires=Tue, 29-Dec-2020 07:52:42 GMT; Max-Age=3600; path=/
cf-ray
609199d538d31f19-FRA
cache-control
s-max-age=604800, s-maxage=604800, max-age=60
link
<https://www.realmoney.games/wp-json/>; rel="https://api.w.org/", <https://www.realmoney.games/wp-json/wp/v2/pages/29530>; rel="alternate"; type="application/json", <https://www.realmoney.games/>; rel=shortlink
vary
Accept-Encoding
cf-cache-status
BYPASS
cf-request-id
074ede794400001f1970119000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
host-header
b7440e60b07ee7b8044761568fab26e8
sg-optimizer-cache-control
s-max-age=604800, s-maxage=604800, max-age=60
sg-optimizer-worker-status
miss
x-cache-enabled
True
x-proxy-cache
HIT
x-wp-cf-super-cache
cache
x-wp-cf-super-cache-active
1
x-wp-cf-super-cache-cache-control
s-maxage=604800, max-age=60
x-wp-cf-super-cache-cookies-bypass
swfpc-feature-not-enabled
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QM4rLyeCVAM%2FHosmtg98MGy%2BnZjJMjKn2eypqJLA6iuJ2VLjmkNj7ts4%2F%2BH2rn55ZKR2RO3xA2wD3McmgNdz4Ky743w%2BNsu5I0mR48zcJINA9Env05yF0NlDLvVVv%2FdD"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
P5
fonts.gstatic.com/s/arimo/v16/
0
0

modules.ttf
www.realmoney.games/wp-content/themes/Divi/core/admin/fonts/
90 KB
91 KB
Font
General
Full URL
https://www.realmoney.games/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:963d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Origin
https://www.realmoney.games
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:52:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1
host-header
b7440e60b07ee7b8044761568fab26e8
cf-request-id
074ede7cc700001f193e1ad000000001
sg-optimizer-worker-status
bypass
last-modified
Sun, 13 Dec 2020 19:48:07 GMT
server
cloudflare
etag
W/"168f0-5b65dcdf472ee-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iH1E1QGkuwvP%2BZTHz0hic%2FHIxpY2jMSK7Wfy6tPeQniAOtTAzk5omFsSs4CtOEJqsSo3Xm0MQuYmQE1C%2F0iDOlMFZGkF9D7tsojn%2FrshsucaS0QdTWtNJrnNozI7o98g"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
max-age=31536000
cf-ray
609199dad88f1f19-FRA
x-proxy-cache
MISS
expires
Wed, 29 Dec 2021 06:52:55 GMT
siteground-optimizer-combined-css-5638ac8e137e64325f58bdbbac235ce9.css
www.realmoney.games/wp-content/uploads/siteground-optimizer-assets/
1 MB
155 KB
Stylesheet
General
Full URL
https://www.realmoney.games/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-5638ac8e137e64325f58bdbbac235ce9.css
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:963d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c0a7c14c5bff0dc0ea780a96e1d261028614032e5abb69c1afb2317e75b8bde

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:52:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1
cf-polished
origSize=1188665
cf-bgj
minify
host-header
b7440e60b07ee7b8044761568fab26e8
cf-request-id
074ede7cc900001f1935381000000001
sg-optimizer-worker-status
bypass
last-modified
Tue, 29 Dec 2020 06:52:42 GMT
server
cloudflare
etag
W/"122339-5b794d6562219-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SAtCZdwEQ0GnJ3LGOhrIMkOOjSN0dbM9mN%2Buc7uCjYJpnjaHeZU53fdzu8x28cy%2BHWUh1b6LY6npYmDyL1vL9gyLRv3BLsAIFa3F%2Fq3%2BXSJ2Gj4pvvHyzKa1khI%2FIDOa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
609199dad8921f19-FRA
x-proxy-cache
MISS
expires
Wed, 29 Dec 2021 06:52:55 GMT
jquery.min.js
www.realmoney.games/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://www.realmoney.games/wp-includes/js/jquery/jquery.min.js
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:963d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:52:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1
host-header
b7440e60b07ee7b8044761568fab26e8
cf-request-id
074ede7cc900001f195c025000000001
sg-optimizer-worker-status
bypass
last-modified
Wed, 09 Dec 2020 06:42:46 GMT
server
cloudflare
etag
W/"15d98-5b6025df69063-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Kg0D7%2BSfLRsqICk2LlMtOYZvrsyN0GVZ1uBJ%2BDdTKNKWs1sto4gNLlBksM%2BevNhf2eMZt05NbCLjf1sDRP%2BAT6p6yDg8ZSuwShiNWmkLBi4c%2FLNw%2BclBqZylGJ2Q2GqN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
609199dad8931f19-FRA
x-proxy-cache
MISS
expires
Wed, 29 Dec 2021 06:52:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
133 KB
46 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47107
x-xss-protection
0
server
cafe
etag
13290078405355148527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Dec 2020 06:52:56 GMT
Real-Money-Games-Logo.png
www.realmoney.games/wp-content/uploads/2016/11/
25 KB
26 KB
Image
General
Full URL
https://www.realmoney.games/wp-content/uploads/2016/11/Real-Money-Games-Logo.png
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:963d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d567bb0885857631e5f502e3e25e16b837d4955bf605d17065905f963c707fc

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:52:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
0
host-header
b7440e60b07ee7b8044761568fab26e8
content-length
25748
cf-request-id
074ede831500001f197aacf000000001
sg-optimizer-worker-status
bypass
last-modified
Fri, 08 Dec 2017 19:58:50 GMT
server
cloudflare
etag
"6494-55fd99cfe3280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W%2BgV40o75QYpcH3R%2Fpkf%2FiPNtpQRRwF59Xcs8xHc2KT8QxRM95NPj22KggXa7%2Bpv%2FloapCdL6v7jinD%2FvSk96IG194FCqIczovHWrVGH2eYLgLJxrSEVv4Ywm2XhS1we"}],"group":"cf-nel","max_age":604800}
content-type
image/png
expires
Wed, 29 Dec 2021 06:52:57 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
609199e4ee4d1f19-FRA
x-proxy-cache
MISS
siteground-optimizer-combined-js-00c9a8db555ff892ca0d70eff1805a3e.js
www.realmoney.games/wp-content/uploads/siteground-optimizer-assets/
756 KB
189 KB
Script
General
Full URL
https://www.realmoney.games/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-00c9a8db555ff892ca0d70eff1805a3e.js
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:963d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db912f5de5dff566524f8f15bdb7c7670803dbc6a767e957c74680aef92e4409

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:52:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
0
host-header
b7440e60b07ee7b8044761568fab26e8
cf-request-id
074ede833c00001f193e20d000000001
sg-optimizer-worker-status
bypass
last-modified
Tue, 29 Dec 2020 06:52:42 GMT
server
cloudflare
etag
W/"bce3d-5b794d6564542-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=adphcWDoAbOAhvU7y4FfZLJRhxoSj%2Fe76YYg6uJTlYpS78J7eo1XkH%2FFaitLCrZCRcjajR%2F4tQvdIDrTnthVnINIrFdEdO2tqyYs0TS%2FMHTZwP7nOmTFBjvmsHVp%2F8f2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
609199e52e9a1f19-FRA
x-proxy-cache
MISS
expires
Wed, 29 Dec 2021 06:52:57 GMT
data:truncated
data:truncated
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
mem8YaGs126MiZpBA-U1Ug.ttf
fonts.gstatic.com/s/opensans/v18/
91 KB
56 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-U1Ug.ttf
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b31b29a36863fed7e0d370f54e142ef7028b72915293aac0c441c0599f4cab13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.realmoney.games
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 19:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128925
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57484
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:25 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Dec 2021 19:04:11 GMT
memnYaGs126MiZpBA-UFUKWiUOhs.ttf
fonts.gstatic.com/s/opensans/v18/
87 KB
54 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/memnYaGs126MiZpBA-UFUKWiUOhs.ttf
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77f01e74ed47fd426e4083cf24c4b62dcea178d2b335b153254a1a39a88f2d59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.realmoney.games
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Dec 2020 09:29:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
422597
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55159
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:41 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Dec 2021 09:29:39 GMT
monarch.ttf
www.realmoney.games/wp-content/plugins/monarch/css/fonts/
15 KB
15 KB
Font
General
Full URL
https://www.realmoney.games/wp-content/plugins/monarch/css/fonts/monarch.ttf
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-5638ac8e137e64325f58bdbbac235ce9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:963d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f

Request headers

Origin
https://www.realmoney.games
Referer
https://www.realmoney.games/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-5638ac8e137e64325f58bdbbac235ce9.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:52:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1
host-header
b7440e60b07ee7b8044761568fab26e8
cf-request-id
074ede835900001f195d146000000001
sg-optimizer-worker-status
bypass
last-modified
Thu, 24 Dec 2020 10:56:31 GMT
server
cloudflare
etag
W/"3af8-5b733a911ebfa-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=THr8n%2BjhzRE0MFhGmMAgtVQ1tOtcKjiGNHdRxwvtKrzyZcfXdTHge9D3k7SlwmsQnkSzaD4XEaWUQRXHY8zu90KsCtIZnMSaX2uqC7eE0GAVndMr%2Fb4TpG9obm5ZiBuK"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
max-age=31536000
cf-ray
609199e55ec71f19-FRA
x-proxy-cache
MISS
expires
Wed, 29 Dec 2021 06:52:56 GMT
mem5YaGs126MiZpBA-UN7rg-VQ.ttf
fonts.gstatic.com/s/opensans/v18/
98 KB
59 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rg-VQ.ttf
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e29dc8ef81abb32e95492f2003fcd6b226d666c1496c6d07a8a66c3f37258826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.realmoney.games
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 20:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125444
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60313
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:48 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Dec 2021 20:02:12 GMT
mem6YaGs126MiZpBA-UFUJ0e.ttf
fonts.gstatic.com/s/opensans/v18/
86 KB
54 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUJ0e.ttf
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1de1141d653f5bc8d3826dc6e08b4031a3694d5bf1e908ce83a916d583392109
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.realmoney.games
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
557
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55142
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:44 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Dec 2021 06:43:39 GMT
mem5YaGs126MiZpBA-UNirk-VQ.ttf
fonts.gstatic.com/s/opensans/v18/
95 KB
59 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirk-VQ.ttf
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b329c5c2cde5749cabd668aabd9a4dbbb0efb1087237793457311282dd7f7ade
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.realmoney.games
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 06:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86169
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59805
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:43 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Dec 2021 06:56:47 GMT
analytics.js
code.afsanalytics.com/js/
86 KB
24 KB
Script
General
Full URL
https://code.afsanalytics.com/js/analytics.js
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.57.44 Newark, United States, ASN16276 (OVH, FR),
Reverse DNS
code.afsanalytics.com
Software
Apache /
Resource Hash
0fd5df88a668e5e342127a6c22ed6334386e0313c0b94f211cb4d272afca5ae7

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 29 Dec 2020 06:52:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Oct 2020 14:28:37 GMT
Server
Apache
ETag
"156ff-5b0d92e71df1b-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
23853
Expires
Tue, 29 Dec 2020 07:52:56 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/
234 KB
87 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
89527
x-xss-protection
0
server
cafe
etag
1810063338415286733
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Dec 2020 06:52:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 4DEF
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201203/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.realmoney.games/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.realmoney.games/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 28 Dec 2020 10:01:15 GMT
expires
Mon, 11 Jan 2021 10:01:15 GMT
content-type
text/html; charset=UTF-8
etag
10723747146953794269
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4923
x-xss-protection
0
age
75101
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cookie.js?domain=www.realmoney.games&callback=_gfp_s_&client=ca-pub-3219119965238567
partner.googleadservices.com/gampad/
205 B
264 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.realmoney.games&callback=_gfp_s_&client=ca-pub-3219119965238567
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
a60f4e6af9cfbbbd59192f875e4e9f42627b9b8eabbcee840d7121f4a8d7d892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js?domain=www.realmoney.games
adservice.google.de/adsid/
109 B
169 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.realmoney.games
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Dec 2020 06:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js?domain=www.realmoney.games
adservice.google.com/adsid/
109 B
169 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.realmoney.games
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Dec 2020 06:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3219119965238567&output=html&adk=1812271804&adf=3025194257&lmt=1609224776&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%...
googleads.g.doubleclick.net/pagead/ Frame E556
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3219119965238567&output=html&adk=1812271804&adf=3025194257&lmt=1609224776&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.realmoney.games%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609224776688&bpp=14&bdt=1836&idt=93&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6577949485077&frm=20&pv=2&ga_vid=2028300041.1609224777&ga_sid=1609224777&ga_hid=1778550975&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068945&oid=3&pvsid=2469702129158597&pem=740&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=112
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3219119965238567&output=html&adk=1812271804&adf=3025194257&lmt=1609224776&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.realmoney.games%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609224776688&bpp=14&bdt=1836&idt=93&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6577949485077&frm=20&pv=2&ga_vid=2028300041.1609224777&ga_sid=1609224777&ga_hid=1778550975&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068945&oid=3&pvsid=2469702129158597&pem=740&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=112
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.realmoney.games/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.realmoney.games/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 29 Dec 2020 06:52:57 GMT
server
cafe
content-length
38812
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 29-Dec-2020 07:07:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 29 Dec 2020 06:52:57 GMT
cache-control
private
osd.js?cb=%2Fr20100101
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607690616793149"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28334
x-xss-protection
0
expires
Tue, 29 Dec 2020 06:52:56 GMT
connect.cgi?usr=00833838Pauto&json=1&localcook=0&js=1&page=titleindex&title=Real%20Money%20Games%20Online%20-%2021%20Ways%20To%20Play%20Games%20To%20Win%20Real%20Money&url=https%3A%2F%2Fwww.realmon...
www8.afsanalytics.com/cgi-bin/
265 B
888 B
XHR
General
Full URL
https://www8.afsanalytics.com/cgi-bin/connect.cgi?usr=00833838Pauto&json=1&localcook=0&js=1&page=titleindex&title=Real%20Money%20Games%20Online%20-%2021%20Ways%20To%20Play%20Games%20To%20Win%20Real%20Money&url=https%3A%2F%2Fwww.realmoney.games%2F&refer=&view=5&mpix=1200&zb=1&cv=7&resolution=1600x1200&color=24&Tips=0.3704910583804637
Requested by
Host: code.afsanalytics.com
URL: https://code.afsanalytics.com/js/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.104.202 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
www8.afsanalytics.com
Software
Apache /
Resource Hash
45fe6457b4b02cae05c7b90de64f35ec60f25673d50cea4e48283161b7aa7bd2

Request headers

Accept
application/json
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 29 Dec 2020 06:52:58 GMT
Server
Apache
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="ADMa OUR UNI NID DSP NOI COR"
Access-Control-Allow-Origin
https://www.realmoney.games
Access-Control-Max-Age
7200
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Headers
X-Forwarded-For, Forwarded-For, X-Client-IP, Client-IP, X-Real-IP, X-Requested-With, Content-Type,withCredentials
Keep-Alive
timeout=15
Expires
Tue, 20 Aug 1996 14:25:27 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/
145 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3b0e1ed6cb79ccf93702fd66f2371d4f73de62937c237270b7d70f25300bda1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:52:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
53263
x-xss-protection
0
server
cafe
etag
8848748755015014073
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Dec 2020 06:52:57 GMT
www.realmoney.games&dtd=31
googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3219119965238567&output=html&h=280&adk=3665117442&adf=1623955786&pi=t.aa~a.1219198433~i.8~rp.4&w=970&fwrn=4&fwrnh=100&lmt=1... Frame 2032
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3219119965238567&output=html&h=280&adk=3665117442&adf=1623955786&pi=t.aa~a.1219198433~i.8~rp.4&w=970&fwrn=4&fwrnh=100&lmt=1609224777&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6759260099&psa=0&ad_type=text_image&format=970x280&url=https%3A%2F%2Fwww.realmoney.games%2F&flash=0&fwr=0&pra=3&rh=200&rw=970&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609224777193&bpp=3&bdt=2341&idt=-M&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4907f9491de621fb-22a365f391a600c8%3AT%3D1609224776%3ART%3D1609224776%3AS%3DALNI_MYzEKeftD-0czAOga66bdBXLKqSAw&prev_fmts=0x0&nras=2&correlator=6577949485077&frm=20&pv=1&ga_vid=2028300041.1609224777&ga_sid=1609224777&ga_hid=1778550975&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068945&oid=3&pvsid=2469702129158597&pem=740&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=9UUOnx3nIC&p=https%3A//www.realmoney.games&dtd=31
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3219119965238567&output=html&h=280&adk=3665117442&adf=1623955786&pi=t.aa~a.1219198433~i.8~rp.4&w=970&fwrn=4&fwrnh=100&lmt=1609224777&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6759260099&psa=0&ad_type=text_image&format=970x280&url=https%3A%2F%2Fwww.realmoney.games%2F&flash=0&fwr=0&pra=3&rh=200&rw=970&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609224777193&bpp=3&bdt=2341&idt=-M&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4907f9491de621fb-22a365f391a600c8%3AT%3D1609224776%3ART%3D1609224776%3AS%3DALNI_MYzEKeftD-0czAOga66bdBXLKqSAw&prev_fmts=0x0&nras=2&correlator=6577949485077&frm=20&pv=1&ga_vid=2028300041.1609224777&ga_sid=1609224777&ga_hid=1778550975&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068945&oid=3&pvsid=2469702129158597&pem=740&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=9UUOnx3nIC&p=https%3A//www.realmoney.games&dtd=31
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.realmoney.games/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.realmoney.games/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 29 Dec 2020 06:52:57 GMT
server
cafe
content-length
22758
x-xss-protection
0
set-cookie
IDE=AHWqTUmgA-5wEVLIDAuNvpegcPOWT8PxD-80xyTG5DdIDMhakTvWqrFjZ65xi5k1; expires=Sun, 23-Jan-2022 06:52:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 29 Dec 2020 06:52:57 GMT
cache-control
private
www.realmoney.games&dtd=36
googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3219119965238567&output=html&h=280&adk=3665117442&adf=4242673422&pi=t.aa~a.1219198433~i.9~rp.4&w=970&fwrn=4&fwrnh=100&lmt=1... Frame 0643
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3219119965238567&output=html&h=280&adk=3665117442&adf=4242673422&pi=t.aa~a.1219198433~i.9~rp.4&w=970&fwrn=4&fwrnh=100&lmt=1609224777&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6759260099&psa=0&ad_type=text_image&format=970x280&url=https%3A%2F%2Fwww.realmoney.games%2F&flash=0&fwr=0&pra=3&rh=200&rw=970&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609224777193&bpp=1&bdt=2342&idt=1&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4907f9491de621fb-22a365f391a600c8%3AT%3D1609224776%3ART%3D1609224776%3AS%3DALNI_MYzEKeftD-0czAOga66bdBXLKqSAw&prev_fmts=0x0%2C970x280&nras=3&correlator=6577949485077&frm=20&pv=1&ga_vid=2028300041.1609224777&ga_sid=1609224777&ga_hid=1778550975&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068945&oid=3&pvsid=2469702129158597&pem=740&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=HtZfFytvmh&p=https%3A//www.realmoney.games&dtd=36
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3219119965238567&output=html&h=280&adk=3665117442&adf=4242673422&pi=t.aa~a.1219198433~i.9~rp.4&w=970&fwrn=4&fwrnh=100&lmt=1609224777&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6759260099&psa=0&ad_type=text_image&format=970x280&url=https%3A%2F%2Fwww.realmoney.games%2F&flash=0&fwr=0&pra=3&rh=200&rw=970&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609224777193&bpp=1&bdt=2342&idt=1&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4907f9491de621fb-22a365f391a600c8%3AT%3D1609224776%3ART%3D1609224776%3AS%3DALNI_MYzEKeftD-0czAOga66bdBXLKqSAw&prev_fmts=0x0%2C970x280&nras=3&correlator=6577949485077&frm=20&pv=1&ga_vid=2028300041.1609224777&ga_sid=1609224777&ga_hid=1778550975&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=3934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068945&oid=3&pvsid=2469702129158597&pem=740&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=HtZfFytvmh&p=https%3A//www.realmoney.games&dtd=36
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.realmoney.games/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.realmoney.games/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 29 Dec 2020 06:52:57 GMT
server
cafe
content-length
22616
x-xss-protection
0
set-cookie
IDE=AHWqTUnAN7zs8X_mmJBpeXeHfT_f5bV7dzt_AgpT9dhawcHTA4vgYJTgi-RRUHRu; expires=Sun, 23-Jan-2022 06:52:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 29 Dec 2020 06:52:57 GMT
cache-control
private
zrt_lookup.html?fsb=1
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 691B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.realmoney.games/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.realmoney.games/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 28 Dec 2020 18:46:21 GMT
expires
Mon, 11 Jan 2021 18:46:21 GMT
content-type
text/html; charset=UTF-8
etag
10723747146953794269
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4923
x-xss-protection
0
age
43596
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
sodar?sv=200&tid=gda&tv=r20201203&st=env
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0175cdc8cf831bff079168d437d6bfba2701a307561c392ee2439cc64029f63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Dec 2020 06:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6455
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 06:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Tue, 29 Dec 2020 06:52:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 546C
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.realmoney.games/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.realmoney.games/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Mon, 28 Dec 2020 23:29:18 GMT
expires
Tue, 28 Dec 2021 23:29:18 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
26620
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=2469702129158597&bg=!DA-lDy_NAAUbEDgJG1iTrdTROoTgqQIAAACYUgAAABNoAQcKAQBooPa1sB9vKU-R9-BEAtmsUoa08q0r1zwKAn-6CZtKLdiL9n_wEw8v3L7-UivJs6ntYzY13fJeYwhF...
pagead2.googlesyndication.com/pagead/
0
200 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=2469702129158597&bg=!DA-lDy_NAAUbEDgJG1iTrdTROoTgqQIAAACYUgAAABNoAQcKAQBooPa1sB9vKU-R9-BEAtmsUoa08q0r1zwKAn-6CZtKLdiL9n_wEw8v3L7-UivJs6ntYzY13fJeYwhFMKPncQWR6vP8D-z8dWOk3NWo7s13zN--7rsma_68nRjxDVovcyp-mvrcd9o7eVMpLD3jlMDpJaiZN6mieEGUMe7MWdXkFXuNHMFNcUnM3-IRe3VMnz5rljud0gtdglsz4PPUOrnlEH-zxpQ4JorarTpaZqkA_K_w2Be8ZLf6dwfv0VYrrhYwCc1Z3wRGvMFJ0mpa0erjCrEXL78I1p6_i7F-mwYlY9ZrdKEgaV6Tm6_iPRROn1NV0eWaH948tCA57ugf08aBmQG8c2ZqQ3fHkHHma5gH05udFMx-rq1TK0QlMcGEfbK7XYX4JPR1oeve27jwT7EhjXbusuR4K3bx6dkCq9zQC5aebGdQWEI3sB5ktkWHxJWMQT-DPCQNqziuevLu0Pp0XW0KUN-gmUoTA-8eSSu2KGqSDMie9a_93NjH3ZofOl2-wRyi-HxwaCQyWwQicgoZEVhJKILd5j59_NraQ2n_BEjTKdtWXD0xRPOZAJwaj_cCxOJXlqc4czU72WJbHHUnoqg3Wy7tLGzmzwsBGiWndvyjLzB8PmHla-tEaNETFr3xzCE8Gg5JsBfMsA75nRBZsZTKDuzFmZeGZKuLKScRP_crEEmC61rwqmGTfkzsbfTHZy6YVCkQmBHYkb0royy0KwXWMi2HD0eb7lgr45Oiuzr1qesXnZ5V77gWuV9VC9UTCM5l6oTvbzpjfvTMBKMYEjOKe6TAdUrM0gdicGgtCIMimh_A9y_A2PiTwE3V_DQEclRbS1fzLxoJbuH3TyUh1xPhbsqcEH05TnmjfszGiAs9J9zVjoYgj0ef32TPM1i6sm1oPBn3gFYoNciIScmMgvSPcU4rV-8FEP1bSmlI
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Dec 2020 06:52:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/arimo/v16/P5

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| et_site_url string| et_post_id function| et_core_page_resource_fallback undefined| $ function| jQuery object| adsbygoogle string| AfsAnalyticsObject function| aa object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| monarchSettings object| DIVI object| et_shortcodes_strings object| et_pb_custom object| et_builder_utils_params object| et_frontend_scripts object| et_pb_box_shadow_elements object| et_pb_motion_elements object| et_pb_sticky_elements object| DiviBlogExtrasFrontendData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| afsdebug number| oldfocus number| afslogo function| encodeWrapper function| decodeWrapper function| aa_listen_clicked function| aa_clicked string| FirstTrackerName object| google_llp number| google_lpabyc number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.realmoney.games/ Name: __gads
Value: ID=4907f9491de621fb-22a365f391a600c8:T=1609224776:RT=1609224776:S=ALNI_MYzEKeftD-0czAOga66bdBXLKqSAw
.doubleclick.net/ Name: IDE
Value: AHWqTUmgA-5wEVLIDAuNvpegcPOWT8PxD-80xyTG5DdIDMhakTvWqrFjZ65xi5k1
.realmoney.games/ Name: _aa_main_00833838
Value: 833838x7663x37x91215x7663x37
www.realmoney.games/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
www.realmoney.games/ Name: cookielawinfo-checkbox-necessary
Value: yes
.realmoney.games/ Name: __cfduid
Value: d213df33d1c410b77988f05c4504fac8a1609224773

1 Console Messages

Source Level URL
Text
console-api log URL: https://code.afsanalytics.com/js/analytics.js(Line 169)
Message:
The analytics.js library from AFS Analytics is loaded. 0410-1608

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
code.afsanalytics.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.googletagservices.com
www.realmoney.games
www8.afsanalytics.com
fonts.gstatic.com
158.69.57.44
172.217.23.98
192.99.104.202
2606:4700:3037::ac43:963d
2a00:1450:4001:816::2002
2a00:1450:4001:819::2002
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2001
2a00:1450:4001:821::2002
0175cdc8cf831bff079168d437d6bfba2701a307561c392ee2439cc64029f63f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0fd5df88a668e5e342127a6c22ed6334386e0313c0b94f211cb4d272afca5ae7
1de1141d653f5bc8d3826dc6e08b4031a3694d5bf1e908ce83a916d583392109
3d567bb0885857631e5f502e3e25e16b837d4955bf605d17065905f963c707fc
45fe6457b4b02cae05c7b90de64f35ec60f25673d50cea4e48283161b7aa7bd2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
77f01e74ed47fd426e4083cf24c4b62dcea178d2b335b153254a1a39a88f2d59
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
927f955ddef0fbb16ab28775e548b757f6f57863177a3843d4125305816b8691
9c0a7c14c5bff0dc0ea780a96e1d261028614032e5abb69c1afb2317e75b8bde
a60f4e6af9cfbbbd59192f875e4e9f42627b9b8eabbcee840d7121f4a8d7d892
b31b29a36863fed7e0d370f54e142ef7028b72915293aac0c441c0599f4cab13
b329c5c2cde5749cabd668aabd9a4dbbb0efb1087237793457311282dd7f7ade
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
db912f5de5dff566524f8f15bdb7c7670803dbc6a767e957c74680aef92e4409
e29dc8ef81abb32e95492f2003fcd6b226d666c1496c6d07a8a66c3f37258826
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b0e1ed6cb79ccf93702fd66f2371d4f73de62937c237270b7d70f25300bda1
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149