urlscan.io logo urlscan.io
SecurityTrails logo

play.paradisetycoon.com Open in urlscan Pro
2606:4700:20::ac43:4599  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://play.paradisetycoon.com/
Effective URL: https://play.paradisetycoon.com/
Submission: On June 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 28 HTTP transactions. The main IP is 2606:4700:20::ac43:4599, located in United States and belongs to CLOUDFLARENET, US. The main domain is play.paradisetycoon.com.
TLS certificate: Issued by GTS CA 1P5 on June 1st 2024. Valid for: 3 months.
This is the only time play.paradisetycoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2606:4700:20::ac43:4599 (United States)

ASN13335 (CLOUDFLARENET, US)
play.paradisetycoon.com
4    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    172.67.69.153 (United States)

ASN13335 (CLOUDFLARENET, US)
play.paradisetycoon.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700::6812:16e3 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.magic.link
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
13 paradisetycoon.com
play.paradisetycoon.com
350 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
874 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
ajax.googleapis.com — Cisco Umbrella Rank: 457
32 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
73 KB
1 magic.link
auth.magic.link — Cisco Umbrella Rank: 237606
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2347
259 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
94 KB
28 8
Domain Requested by
13 play.paradisetycoon.com play.paradisetycoon.com
4 cdn.jsdelivr.net play.paradisetycoon.com
2 www.facebook.com
2 connect.facebook.net play.paradisetycoon.com
connect.facebook.net
2 fonts.googleapis.com play.paradisetycoon.com
1 auth.magic.link cdn.jsdelivr.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com play.paradisetycoon.com
1 ajax.googleapis.com play.paradisetycoon.com
28 9

This site contains no links.

Subject Issuer Validity Valid
paradisetycoon.com
GTS CA 1P5		 2024-06-01 -
2024-08-30		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-26 -
2024-06-24		 3 months crt.sh
magic.link
E1		 2024-05-14 -
2024-08-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://play.paradisetycoon.com/
Frame ID: F194274D678F8FDFBC912EC57AC5ACDA
Requests: 27 HTTP requests in this frame

Frame: https://auth.magic.link/send?params=eyJBUElfS0VZIjoicGtfbGl2ZV8xMEY0MjM3OThBNTQwRUQ3IiwiRE9NQUlOX09SSUdJTiI6Imh0dHBzOi8vcGxheS5wYXJhZGlzZXR5Y29vbi5jb20iLCJFVEhfTkVUV09SSyI6Im1haW5uZXQiLCJob3N0IjoiYXV0aC5tYWdpYy5saW5rIiwic2RrIjoibWFnaWMtc2RrIiwidmVyc2lvbiI6IjIxLjIuMCIsImxvY2FsZSI6ImVuX1VTIn0%3D
Frame ID: 47D596E8340BDBD82D1BBC750A15D033
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Paradise Tycoon | Play

Page URL History Show full URLs

  1. http://play.paradisetycoon.com/ HTTP 307
    https://play.paradisetycoon.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

28
Requests

96 %
HTTPS

90 %
IPv6

8
Domains

9
Subdomains

11
IPs

2
Countries

1426 kB
Transfer

46676 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://play.paradisetycoon.com/ HTTP 307
    https://play.paradisetycoon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
play.paradisetycoon.com/
Redirect Chain
  • http://play.paradisetycoon.com/
  • https://play.paradisetycoon.com/
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://play.paradisetycoon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4599 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2938ce7bfee27450dc74f7e99583ca1c7236b2647dc6e64760cd4d655b7c9aca

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
894de68a98f21942-FRA
content-encoding
br
content-type
text/html
date
Sun, 16 Jun 2024 21:30:21 GMT
last-modified
Thu, 13 Jun 2024 16:12:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=39M0qrdGr1w4I4mY5pABKU8cA3FZGsi6TXSN92e8s%2B9x3Sd5pDp5dd5B05xhQiRAigy2vI7wBu6VdApPlDmegXvG5mcw3XKDMTyfDTAphlOiwDJn8QHJWN7uZkGzZz8B2%2BoBdBASNGO3rU5pjFxB2iixITcQ"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://play.paradisetycoon.com/
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Origin
https://play.paradisetycoon.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jun 2024 21:30:21 GMT
x-content-type-options
nosniff
content-encoding
br
age
1004418
x-jsd-version
5.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25360
x-served-by
cache-fra-etou8220121-FRA
x-jsd-version-type
version
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jun 2024 21:30:21 GMT
x-content-type-options
nosniff
content-encoding
br
age
2211263
x-jsd-version
1.9.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11979
x-served-by
cache-fra-etou8220112-FRA
x-jsd-version-type
version
etag
W/"15a09-bhLh682YP4SOXCgKt3ZJ7rROdLw"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
play.paradisetycoon.com/TemplateData/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play.paradisetycoon.com/TemplateData/style.css?v=5
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4599 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef87c45166ca17b8109f97464c2966b7e7494139bc5a33cf7e147479e7c8d81e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 21:30:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 12 May 2024 19:23:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4777
etag
W/"6641171a-13a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Em%2BKYiIMNXmMxMPKDNJ6RkEt34hqiaBa9pkz1kdpOQkjf4X6sNUUTQviwqWaqrCiNJt6wqEkNfS4Il97uMgVjyk2guy49slcaicCS1P%2B1DidH2wnKSTSbiYSQKsQY7dIEVkE4J4sumQ3ulOnVn88DYXgNWB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
894de68ae9371942-FRA
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		696 B
515 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9f5851c93a83d6f5bfb24f635e718d9fd9e57724377592bb8b1278f740a7c1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jun 2024 21:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Jun 2024 21:30:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jun 2024 21:30:21 GMT
css2
fonts.googleapis.com/ 		405 B
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Luckiest+Guy
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1bcdce26b1af4c15514b7d05dd8aa0987b95d82d24c635b177e5d61b3e3fe81e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jun 2024 21:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Jun 2024 21:30:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jun 2024 21:30:21 GMT
rocket-loader.min.js
play.paradisetycoon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.paradisetycoon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4599 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 21:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jun 2024 17:32:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66688a1d-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xygZQ1TQnFuIyqqtulNVZ6GM8uCTNRK%2B%2FJE1qisq2L54FG883yALJ%2FgpjCLh9KEMcs6CV%2BQjtueclmTaPCnXQEDF09n5peIc496P5GBB4Vb6%2Bbo%2BkRjRAmdfQ4xaj283nfRxJdTmiDplip2jyVnq8CoVb5rg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
894de68af94c1942-FRA
expires
Tue, 18 Jun 2024 21:30:21 GMT
pt.js
play.paradisetycoon.com/TemplateData/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.paradisetycoon.com/TemplateData/js/pt.js?v=0.60.16
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ebdf64068798a9f2f8147d2807843ed67bb21b7b6959eebdc74362c1e0d8caf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 21:30:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 13 Jun 2024 16:12:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3742
etag
W/"666b1a53-2287"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dRNaiKScTtxIKOQ%2BZhXDPkwPk9jKKvAQqZiUmn3UCyXACnTQzeCEDXldi1%2B%2Boy%2F%2B0I8LuS%2BvmNj8g02gwCN%2FXDabasWw2EEZhhY6AUzrdo822qRZMVQi%2BumSNw1FL5Yv1oKhUSm39MWJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
894de68b887b903a-FRA
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.7.0/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 03:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30433
x-xss-protection
0
last-modified
Wed, 17 May 2023 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Jun 2025 03:55:45 GMT
sdk
cdn.jsdelivr.net/npm/@imtbl/ 		4 MB
813 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@imtbl/sdk
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
09c162ccc633b36255af74e4d65103240728aca3351a1d4cd0381f4821241aa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jun 2024 21:30:21 GMT
x-content-type-options
nosniff
content-encoding
br
age
10934
x-jsd-version
1.41.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
831882
x-served-by
cache-fra-etou8220112-FRA
x-jsd-version-type
version
etag
W/"38375d-aJvphE5ZyTuYveEm0zMv7x83TQM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		269 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-33WJ5VDWG9
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60ff7b672d8cb84b3f986604fd3978aefa54893df339962df7bfbabb260a8a47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 21:30:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95697
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jun 2024 21:30:21 GMT
favicon.ico
play.paradisetycoon.com/TemplateData/ 		15 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://play.paradisetycoon.com/TemplateData/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea13be0957c96f216b486b0499f5295619c838ee368cf16cce70fb2516bfec84

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 21:30:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 12 May 2024 19:23:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7175
etag
W/"6641171a-3c2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fgzaYos6Y1d65ZWkajYu2S0cATUtlE0YB4EjJWCEGTW2IEzHH4JLRXfF0WacTteHEOWXKcDSlGB8imdD%2Brwkd2%2FYYMuzezRRRTH5QETkbWF4vVHtar2cpDYMzMMo370DISznGa58GECw"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
894de68b9890903a-FRA
alt-svc
h3=":443"; ma=86400
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-33WJ5VDWG9&gtm=45je46c0v880080787za200&_p=1718573421734&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1518796720.1718573422&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718573421&sct=1&seg=0&dl=https%3A%2F%2Fplay.paradisetycoon.com%2F&dt=Paradise%20Tycoon%20%7C%20Play&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=614
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-33WJ5VDWG9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 21:30:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://play.paradisetycoon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 16 Jun 2024 21:30:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1297, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
wYSPUnLuArFefuhNt3KVj851rFbz2Ihcx/I/1LofkgIMWU1H57/oHflNkb7OEA5m6Cqi6iDWg4DFdXRK+VPR1Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 		77 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Origin
https://play.paradisetycoon.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jun 2024 21:30:21 GMT
x-content-type-options
nosniff
content-encoding
br
age
1525302
x-jsd-version
5.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23943
x-served-by
cache-fra-etou8220121-FRA
x-jsd-version-type
version
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
Paradise%20Tycoon%20WebGL%20Frontend.loader.js
play.paradisetycoon.com/Build/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.paradisetycoon.com/Build/Paradise%20Tycoon%20WebGL%20Frontend.loader.js?v=0.60.16
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/TemplateData/js/pt.js?v=0.60.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc67f19b823d7573a95124d8f667566d3a7641665cc3e288533ade402378c6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 21:30:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 13 Jun 2024 16:12:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7166
etag
W/"666b1a53-637d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CIS%2FiwrnpVx0qqPKQrhDIqNU32sZs%2Fvln7gKU%2B2tNMGuY8rXEFVN1QLfP3RxEiJwIvbfDVfdxG6oh8K4syRpaHj7afGpyqodJ75UvGHV7zjH5WswEj6w%2BbUlWY5UI0QxiS7QF4qyE36c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
894de68e8cad903a-FRA
alt-svc
h3=":443"; ma=86400
ptlogo.png
play.paradisetycoon.com/TemplateData/img/ 		201 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.paradisetycoon.com/TemplateData/img/ptlogo.png
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/TemplateData/style.css?v=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e70d43163f66ff8ebd8ffcc6149f10d11e86ccb19af21be606662c9e164993d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/TemplateData/style.css?v=5
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 21:30:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7166
cf-polished
origFmt=png, origSize=332037
content-disposition
inline; filename="ptlogo.webp"
alt-svc
h3=":443"; ma=86400
content-length
206130
cf-bgj
imgq:85,h2pri
last-modified
Sun, 12 May 2024 19:23:06 GMT
server
cloudflare
etag
"6641171a-51105"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Qsafvh90dEo%2Bjt2pVhzfMfTyBdyO%2FCiWAgZXOzxUnMsBORr0ZbYQ04NdmTG5QT4PNjhgHXIadGJwAy4ruoQpj2AWuyVTeMmQv%2BCnOQdaAfNu12BqwOWKIcwPdgk4RD3jgklgcenhqjg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
894de68e8cb8903a-FRA
cloud1.png
play.paradisetycoon.com/TemplateData/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.paradisetycoon.com/TemplateData/img/cloud1.png
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/TemplateData/style.css?v=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceff44d6e588dc58b7877056d06268d9feefc93ccd7fcc7e3b1e683cbbad367d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/TemplateData/style.css?v=5
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 21:30:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7158
cf-polished
origFmt=png, origSize=16806
content-disposition
inline; filename="cloud1.webp"
alt-svc
h3=":443"; ma=86400
content-length
6038
cf-bgj
imgq:85,h2pri
last-modified
Sun, 12 May 2024 19:23:06 GMT
server
cloudflare
etag
"6641171a-41a6"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YEu9nAr9wSbXlCEHHYJeNgO7%2BjSboVRj6PYsejgUuPMqSpqzPbHJJBwZhiKlhfRhS%2FmJw6JnCRE9EsYpVL4qCZQMK%2BFYHnl%2FXjz97klQZxZrds%2B8c85tjptD1uE2nATm%2Fk0A%2F9AqJDUi"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
894de68e8cba903a-FRA
cloud2.png
play.paradisetycoon.com/TemplateData/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.paradisetycoon.com/TemplateData/img/cloud2.png
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/TemplateData/style.css?v=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99388776d56302524069d6626e2ad671a1cf201ade5af4c6d41c86255c7f5d00

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/TemplateData/style.css?v=5
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 21:30:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7158
cf-polished
origFmt=png, origSize=10293
content-disposition
inline; filename="cloud2.webp"
alt-svc
h3=":443"; ma=86400
content-length
4350
cf-bgj
imgq:85,h2pri
last-modified
Sun, 12 May 2024 19:23:06 GMT
server
cloudflare
etag
"6641171a-2835"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OoLUr5j%2FmxHM55Z6kIHNOytaE2WKr25cNUCvrA%2FftN2EvNErKVUQcQXGOWxmInCN1COiCwNoxJxoMfvCq74fMwMp4xpUYxPkIMjV87myf7WN2LeuiMTQAhNmiPlkemlhhWJkfQ5dyDzL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
894de68e8cbd903a-FRA
cloud3.png
play.paradisetycoon.com/TemplateData/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.paradisetycoon.com/TemplateData/img/cloud3.png
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/TemplateData/style.css?v=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d1a091bdede771036b1e8e2f16d14351073d932e878de129c0578a3413689b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/TemplateData/style.css?v=5
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 21:30:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7158
cf-polished
origFmt=png, origSize=7843
content-disposition
inline; filename="cloud3.webp"
alt-svc
h3=":443"; ma=86400
content-length
3368
cf-bgj
imgq:85,h2pri
last-modified
Sun, 12 May 2024 19:23:06 GMT
server
cloudflare
etag
"6641171a-1ea3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=szMHiWs1j0h1xqhGa4Ma3b%2F7IJnCJvBoSWRdN0SvbX%2BL7Q0hxApb2c7uCdW%2BOjXfa3QM7OT6085znNIwxedS%2Bpfs2nzr4AKs%2F6cuPaQ7CcGcj2zzozp2aNx4fUFDapoC60cqBBIpoL4q"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
894de68e8cbf903a-FRA
cloud4.png
play.paradisetycoon.com/TemplateData/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.paradisetycoon.com/TemplateData/img/cloud4.png
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/TemplateData/style.css?v=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b734e513f6791e7796d302ca54e45a2449f1e1a672934c1e43943457a22ef3d8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/TemplateData/style.css?v=5
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 21:30:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6226
cf-polished
origFmt=png, origSize=14003
content-disposition
inline; filename="cloud4.webp"
alt-svc
h3=":443"; ma=86400
content-length
5670
cf-bgj
imgq:85,h2pri
last-modified
Sun, 12 May 2024 19:23:06 GMT
server
cloudflare
etag
"6641171a-36b3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kqmLRzDyYQRDbsZjDGlKRLOZhmyL946nOvdCARmqe6sgSMVrnafcGolb%2FF0H0gsxPcktBS2PiSPsWl3Ii9KQpZXzwpEa1%2BjriBn%2FKGU7AaiW9T%2Ba9CPf1swLgSpsbGjvhiLlPmrvM00b"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
894de68e8cc0903a-FRA
send
auth.magic.link/ Frame 47D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.magic.link/send?params=eyJBUElfS0VZIjoicGtfbGl2ZV8xMEY0MjM3OThBNTQwRUQ3IiwiRE9NQUlOX09SSUdJTiI6Imh0dHBzOi8vcGxheS5wYXJhZGlzZXR5Y29vbi5jb20iLCJFVEhfTkVUV09SSyI6Im1haW5uZXQiLCJob3N0IjoiYXV0aC5tYWdpYy5saW5rIiwic2RrIjoibWFnaWMtc2RrIiwidmVyc2lvbiI6IjIxLjIuMCIsImxvY2FsZSI6ImVuX1VTIn0%3D
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@imtbl/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://va.vercel-scripts.com/ https://vercel.live/ https://*.vercel.app https://www.google.com/ https://www.gstatic.com/ https://accounts.google.com/ https://www.paypal.com/ https://www.paypalobjects.com/ ; style-src 'self' 'unsafe-inline' https://*.vercel.app https://fonts.googleapis.com/ https://accounts.google.com/ https://*.paypal.com/; frame-src 'self' https://*.magic.link/ https://vercel.live/ https://www.google.com/ https://accounts.google.com/ https://www.sandbox.paypal.com/ https://assets.braintreegateway.com/ https://c.paypal.com/ https://buy.onramper.com https://onramper.tech https://crypto.sardine.ai/ https://crypto.sandbox.sardine.ai/; connect-src 'self' 'unsafe-inline' https://*.magic.link/ https://gbscache.magic.link https://vercel.live/ https://cognito.us-west-2.amazonaws.com/ https://kms.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://api.segment.io/ https://cdn.segment.com/ https://browser-intake-datadoghq.com/ https://*.launchdarkly.com/ https://accounts.google.com/ https://*.alchemy.com/ https://*.infura.io/ https://rpc.sepolia.com https://*.base.org https://*.cronos.org https://*.onflow.org https://*.fragmynt.network https://*.solidwallet.io https://*.hmny.io https://*.cryptonomic-infra.tech https://*.api.tez.ie https://ithacanet.ecadinfra.com https://ghostnet.tezos.marigold.dev wss://*.polkadot.io https://*.skalelabs.com https://*.skale.network https://*.skalenodes.com https://node.ghostnet.etherlink.com https://*.matic.today https://polygon-rpc.com https://*.rpc.rarichain.org https://*.solana.com https://api.zilliqa.com https://*.optimism.io https://alfajores-forno.celo-testnet.org https://forno.celo.org https://bsc-dataseed1.defibit.io https://*.moonbeam.network https://rpc.testnet.fantom.network https://rpc.ftm.tools https://*.arbitrum.io https://sepolia-rollup.arbitrum.io/rpc https://stage2-api.zksync.dev https://mainnet.era.zksync.io wss://mainnet.era.zksync.io https://testnet.era.zksync.dev wss://testnet.era.zksync.dev https://sepolia.era.zksync.dev https://*.telos.net https://*.aurora.dev https://*.metis.io https://*.velas.com https://rpc.publicmint.io:8545 https://*.p2pify.com https://*.myhbarwallet.com https://gwan-ssl.wandevs.org:56891 https://*.aptoslabs.com https://*.hedera.com https://*.swirldslabs.com https://*.swirlds.com https://*.zetachain.com https://*.blockpi.network https://zetachain-rpc.lavenderfive.com https://zetachain-mainnet-archive.allthatnode.com:* wss://zetachain-mainnet-archive.allthatnode.com:* https://rpc.ankr.com/chiliz https://spicy-rpc.chiliz.com https://alphanet.stble.io https://*.stabilityprotocol.com https://*.paypal.com https://*.ankr.com https://*.rpc.thirdweb.com https://rpc.decentraland.org; img-src 'self' blob: data: https://assets.fortmatic.com https://*.paypal.com/ https://www.paypalobjects.com/ https://*.alchemy.com/ https://i.seadn.io/ https://flagcdn.com/ ; font-src 'self' https://fonts.gstatic.com/; object-src 'none'; base-uri 'self'; form-action 'self'; worker-src 'self' blob:; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://play.paradisetycoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
894de68f4d211c44-FRA
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://va.vercel-scripts.com/ https://vercel.live/ https://*.vercel.app https://www.google.com/ https://www.gstatic.com/ https://accounts.google.com/ https://www.paypal.com/ https://www.paypalobjects.com/ ; style-src 'self' 'unsafe-inline' https://*.vercel.app https://fonts.googleapis.com/ https://accounts.google.com/ https://*.paypal.com/; frame-src 'self' https://*.magic.link/ https://vercel.live/ https://www.google.com/ https://accounts.google.com/ https://www.sandbox.paypal.com/ https://assets.braintreegateway.com/ https://c.paypal.com/ https://buy.onramper.com https://onramper.tech https://crypto.sardine.ai/ https://crypto.sandbox.sardine.ai/; connect-src 'self' 'unsafe-inline' https://*.magic.link/ https://gbscache.magic.link https://vercel.live/ https://cognito.us-west-2.amazonaws.com/ https://kms.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://api.segment.io/ https://cdn.segment.com/ https://browser-intake-datadoghq.com/ https://*.launchdarkly.com/ https://accounts.google.com/ https://*.alchemy.com/ https://*.infura.io/ https://rpc.sepolia.com https://*.base.org https://*.cronos.org https://*.onflow.org https://*.fragmynt.network https://*.solidwallet.io https://*.hmny.io https://*.cryptonomic-infra.tech https://*.api.tez.ie https://ithacanet.ecadinfra.com https://ghostnet.tezos.marigold.dev wss://*.polkadot.io https://*.skalelabs.com https://*.skale.network https://*.skalenodes.com https://node.ghostnet.etherlink.com https://*.matic.today https://polygon-rpc.com https://*.rpc.rarichain.org https://*.solana.com https://api.zilliqa.com https://*.optimism.io https://alfajores-forno.celo-testnet.org https://forno.celo.org https://bsc-dataseed1.defibit.io https://*.moonbeam.network https://rpc.testnet.fantom.network https://rpc.ftm.tools https://*.arbitrum.io https://sepolia-rollup.arbitrum.io/rpc https://stage2-api.zksync.dev https://mainnet.era.zksync.io wss://mainnet.era.zksync.io https://testnet.era.zksync.dev wss://testnet.era.zksync.dev https://sepolia.era.zksync.dev https://*.telos.net https://*.aurora.dev https://*.metis.io https://*.velas.com https://rpc.publicmint.io:8545 https://*.p2pify.com https://*.myhbarwallet.com https://gwan-ssl.wandevs.org:56891 https://*.aptoslabs.com https://*.hedera.com https://*.swirldslabs.com https://*.swirlds.com https://*.zetachain.com https://*.blockpi.network https://zetachain-rpc.lavenderfive.com https://zetachain-mainnet-archive.allthatnode.com:* wss://zetachain-mainnet-archive.allthatnode.com:* https://rpc.ankr.com/chiliz https://spicy-rpc.chiliz.com https://alphanet.stble.io https://*.stabilityprotocol.com https://*.paypal.com https://*.ankr.com https://*.rpc.thirdweb.com https://rpc.decentraland.org; img-src 'self' blob: data: https://assets.fortmatic.com https://*.paypal.com/ https://www.paypalobjects.com/ https://*.alchemy.com/ https://i.seadn.io/ https://flagcdn.com/ ; font-src 'self' https://fonts.gstatic.com/; object-src 'none'; base-uri 'self'; form-action 'self'; worker-src 'self' blob:; block-all-mixed-content; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Sun, 16 Jun 2024 21:30:23 GMT
link
</_next/static/media/05a31a2ca4975f99-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/513657b02c5c193f-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/51ed15f9841b9f9d-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/c9a5bc6a7c948fb0-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/d6b16ce4a6175f26-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2"
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-content-type-options
nosniff
x-matched-path
/send
x-powered-by
Next.js
x-vercel-cache
MISS
x-vercel-execution-region
iad1
x-vercel-id
fra1::iad1::m57dr-1718573422035-dcec52008240
1628170060888383
connect.facebook.net/signals/config/ 		68 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1628170060888383?v=2.9.158&r=stable&domain=play.paradisetycoon.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaeddbc87940e613f907aeb507d966666b7822b2a150558995166c3d9e137a36
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 16 Jun 2024 21:30:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=62, mss=1297, tbw=63567, tp=-1, tpl=-1, uplat=127, ullat=0
pragma
public
x-fb-debug
ErlDqMVfbuOcFsfCstwKbNbPECiZ45W7LD49kw+kVvAgjEYm9SKgsxyu/yqxmqxyezvHwe5XfrBCdQaZ07tQHw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1628170060888383&ev=PageView&dl=https%3A%2F%2Fplay.paradisetycoon.com%2F&rl=&if=false&ts=1718573422074&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718573422073.618294913773672805&cs_est=true&ler=empty&cdl=API_unavailable&it=1718573421915&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1297, tbw=2796, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 16 Jun 2024 21:30:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1628170060888383&ev=PageView&dl=https%3A%2F%2Fplay.paradisetycoon.com%2F&rl=&if=false&ts=1718573422074&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718573422073.618294913773672805&cs_est=true&ler=empty&cdl=API_unavailable&it=1718573421915&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9e17274f9b3b658b","source_keys":["1","2"]},{"key_piece":"0x6ac3f84a03b73cac","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sun, 16 Jun 2024 21:30:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7381216644417875885", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1297, tbw=3114, tp=-1, tpl=-1, uplat=138, ullat=0
pragma
no-cache
x-fb-debug
2tCGGqVPhwVUutCDNAcZZa3bDuvHxSSm1HxItZwVMCOBOOpzGo0LyniQ6jgv4HRJGYVyER70kMlMXUIXK6GDXg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7381216644417875885"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
Paradise%20Tycoon%20WebGL%20Frontend.framework.js.gz
play.paradisetycoon.com/Build/ 		503 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.paradisetycoon.com/Build/Paradise%20Tycoon%20WebGL%20Frontend.framework.js.gz?v=0.60.16
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/Build/Paradise%20Tycoon%20WebGL%20Frontend.loader.js?v=0.60.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
280ffb659b398318cbd0c1359170b614f03f5534431b7bfb9a979cbc70906214

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 21:30:22 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5456
alt-svc
h3=":443"; ma=86400
content-length
98397
last-modified
Thu, 13 Jun 2024 16:12:05 GMT
server
cloudflare
etag
"666b1a55-1805d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GzoDDNlwjare8df4texxTZhBjzKiWPUDthtBE8DdYxawAd2sG6M7WE83ozZ0AB6jE2lpraiL%2BvZGn3Ziy88o8hqMzdlKYI1SgFQSNNyvKmYnUy7vYigw19bvqGaDWlOQuuWmLqTgBbNZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
894de6950ccf903a-FRA
Paradise%20Tycoon%20WebGL%20Frontend.data.gz
play.paradisetycoon.com/Build/ 		40 MB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.paradisetycoon.com/Build/Paradise%20Tycoon%20WebGL%20Frontend.data.gz?v=0.60.16
Requested by
Host: play.paradisetycoon.com
URL: https://play.paradisetycoon.com/Build/Paradise%20Tycoon%20WebGL%20Frontend.loader.js?v=0.60.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://play.paradisetycoon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 21:30:22 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7165
alt-svc
h3=":443"; ma=86400
content-length
102964124
last-modified
Thu, 13 Jun 2024 16:47:06 GMT
server
cloudflare
etag
"666b228a-6231b9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fztDK6a77gUrjlz4Fjkfxj49ncbNbYMJUBN6nrPPAwxXyE7CKjUGPCJEO5%2FLf3lzpsxSCqm5Su2rZJzUWG124UnS2QaXU6rMMRAUhdnN9T3pbIg0xAaxc%2FWKhz0DbBCWcnXD3R%2F0KFmo"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
894de6950cd5903a-FRA
Paradise%20Tycoon%20WebGL%20Frontend.wasm.gz
play.paradisetycoon.com/Build/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
play.paradisetycoon.com
URL
https://play.paradisetycoon.com/Build/Paradise%20Tycoon%20WebGL%20Frontend.wasm.gz?v=0.60.16

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| __cfQR object| google_tag_manager object| google_tag_data object| dataLayer object| immutable object| globalise__singleton__imtbl__metrics function| MerkleTree function| MerkleMountainRange function| IncrementalMerkleTree function| MerkleSumTree object| regeneratorRuntime function| gtag function| onYouTubeIframeAPIReady object| gaGlobal function| fbq function| _fbq number| uidEvent object| bootstrap function| $ function| jQuery object| passportInstance object| unityInstance object| userProfile object| pt string| buildUrl string| loaderUrl object| config object| container object| canvas object| loadingBar object| progressBarFull object| fullscreenButton object| warningBanner object| playPTButton object| ptProgressBar object| script boolean| __cfRLUnblockHandlers function| createUnityInstance number| webgpuVersion object| unityFramework

6 Cookies

Domain/Path Name / Value
.paradisetycoon.com/ Name: _ga
Value: GA1.1.1518796720.1718573422
.paradisetycoon.com/ Name: _ga_33WJ5VDWG9
Value: GS1.1.1718573421.1.0.1718573421.0.0.0
.paradisetycoon.com/ Name: _fbp
Value: fb.1.1718573422073.618294913773672805
.magic.link/ Name: __cfruid
Value: 5f03547809e98167fe6b5e1a6f7b9c7cf31975e4-1718573423
.magic.link/ Name: __cf_bm
Value: ddRSP8UT0LYthylJmxUVu.CCMXHe7uevqRIx8Uhf1pI-1718573423-1.0.1.1-rJIc9n.YsIL.eRAFGAVLKqs.W_dSZAscwrNS4W6NHzgYbaYgcmUyg02AskfEUqTN5xQPOSJ65.HANMzXGsZr5w
auth.magic.link/ Name: _dd_s
Value: logs=1&id=cba0af9f-34e3-4ba2-a2ae-56cad0c30472&created=1718573423520&expire=1718574324181&rum=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
auth.magic.link
cdn.jsdelivr.net
connect.facebook.net
fonts.googleapis.com
play.paradisetycoon.com
region1.google-analytics.com
www.facebook.com
www.googletagmanager.com
play.paradisetycoon.com
172.67.69.153
2001:4860:4802:32::36
2606:4700:20::ac43:4599
2606:4700::6812:16e3
2a00:1450:4001:802::200a
2a00:1450:4001:80f::200a
2a00:1450:4001:830::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::485
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
09c162ccc633b36255af74e4d65103240728aca3351a1d4cd0381f4821241aa7
0cc67f19b823d7573a95124d8f667566d3a7641665cc3e288533ade402378c6e
11d1a091bdede771036b1e8e2f16d14351073d932e878de129c0578a3413689b
1bcdce26b1af4c15514b7d05dd8aa0987b95d82d24c635b177e5d61b3e3fe81e
280ffb659b398318cbd0c1359170b614f03f5534431b7bfb9a979cbc70906214
2938ce7bfee27450dc74f7e99583ca1c7236b2647dc6e64760cd4d655b7c9aca
3ebdf64068798a9f2f8147d2807843ed67bb21b7b6959eebdc74362c1e0d8caf
4e70d43163f66ff8ebd8ffcc6149f10d11e86ccb19af21be606662c9e164993d
60ff7b672d8cb84b3f986604fd3978aefa54893df339962df7bfbabb260a8a47
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
99388776d56302524069d6626e2ad671a1cf201ade5af4c6d41c86255c7f5d00
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b734e513f6791e7796d302ca54e45a2449f1e1a672934c1e43943457a22ef3d8
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ceff44d6e588dc58b7877056d06268d9feefc93ccd7fcc7e3b1e683cbbad367d
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f5851c93a83d6f5bfb24f635e718d9fd9e57724377592bb8b1278f740a7c1f
ea13be0957c96f216b486b0499f5295619c838ee368cf16cce70fb2516bfec84
eaeddbc87940e613f907aeb507d966666b7822b2a150558995166c3d9e137a36
ef87c45166ca17b8109f97464c2966b7e7494139bc5a33cf7e147479e7c8d81e
f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638