urlscan.io logo urlscan.io
SecurityTrails logo

www.royalkadin.com Open in urlscan Pro
2606:4700:3031::6815:3243  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://royalkadin.com/wp-admin.zip
Effective URL: https://www.royalkadin.com/wp-admin.zip
Submission: On March 17 via api from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3031::6815:3243, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.royalkadin.com.
TLS certificate: Issued by GTS CA 1P5 on March 14th 2024. Valid for: 3 months.
This is the only time www.royalkadin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 29 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
37 4
Apex Domain
Subdomains		 Transfer
29 royalkadin.com
royalkadin.com
www.royalkadin.com
416 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
227 KB
37 2
Domain Requested by
28 www.royalkadin.com 1 redirects www.royalkadin.com
6 pagead2.googlesyndication.com www.royalkadin.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 royalkadin.com 1 redirects
37 4

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
kadinguzelligi.com
www.ankaraofsetmatbaa.com
Subject Issuer Validity Valid
royalkadin.com
GTS CA 1P5		 2024-03-14 -
2024-06-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.royalkadin.com/wp-admin.zip
Frame ID: 148ABE66EBDD3FCA7FD0F3CE2F529CDA
Requests: 31 HTTP requests in this frame

Frame: https://www.royalkadin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Frame ID: 537119AEC86985012D7208FAD2719048
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7124816659660463&output=html&adk=1812271804&adf=3025194257&lmt=1710683419&plat=3%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_r&format=0x0&url=https%3A%2F%2Fwww.royalkadin.com%2Fwp-admin.zip&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710683419118&bpp=1&bdt=262&idt=243&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8427883275314&frm=20&pv=2&ga_vid=519488509.1710683419&ga_sid=1710683419&ga_hid=404685544&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081576%2C44795922%2C95327077%2C95327951%2C95327955%2C31081901%2C95320376%2C95322397%2C95325785%2C95326916%2C21065724&oid=2&pvsid=3072126505877733&tmod=1514324369&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=257
Frame ID: 4A288983807794308A9107EB11CD8752
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 487AAF126A1BD712A8C0A515B526BBDD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sayfa bulunamadı – Royal Kadın – Kadınların Toplanma Noktası

Page URL History Show full URLs

  1. https://royalkadin.com/wp-admin.zip HTTP 301
    https://www.royalkadin.com/wp-admin.zip Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

37
Requests

95 %
HTTPS

100 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

642 kB
Transfer

2462 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://royalkadin.com/wp-admin.zip HTTP 301
    https://www.royalkadin.com/wp-admin.zip Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.royalkadin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.royalkadin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wp-admin.zip
www.royalkadin.com/
Redirect Chain
  • https://royalkadin.com/wp-admin.zip
  • https://www.royalkadin.com/wp-admin.zip
102 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d09d48fffac3c913401ef6ef6221d4a481ce6be03b79bbbc5a28755576397ee5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400, must-revalidate
cf-cache-status
MISS
cf-ray
865d73814c15f1a4-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 17 Mar 2024 13:50:18 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://www.royalkadin.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6uXnqyhmNB5DANFIHx0pOTNs%2FzEC8QbsV67DZRWNmHNjlS0pPLbJifuXMwUGliQyGRtD82Htg9hMTg1w16UzoSLY93fM4dPEvkOzeRZIToX6%2Btt4%2B4OyB2q4Wrb9c4wspq1ZGhad9QI%2BbRuVkuw7t%2FQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-tag
640_HTTP.404

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400, must-revalidate
cf-cache-status
MISS
cf-ray
865d737768dbf1a4-CDG
content-type
text/html; charset=UTF-8
date
Sun, 17 Mar 2024 13:50:17 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
location
https://www.royalkadin.com/wp-admin.zip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HhYtxaG7K21qB%2BLxuOnMHVpBs3kbn5QDCqBUjk5zJeCcj5g9dS1JU%2FwEf79WYO94x5Uk5UNWDeFk7UIu1JMRiTbbkV5K0szklh%2Bggi38Ms8JUhgmTTht61qEauIULLndcsRWD%2BdeKasR6qWvLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-tag
640_HTTP.404
x-redirect-by
WordPress
style.min.css
www.royalkadin.com/wp-includes/css/dist/block-library/ 		108 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 31 Jan 2024 05:40:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xbtto8eX6XWXVW3YpNyeo0lIfJfMgONUIEV9iloMgTvsYA8G%2B27U%2F9TkC9fMAJ1%2F4V%2FOz8LAccA9ySiV7N4uC5zcgdluJYL3G2C8cWPeFlx5Tusjo1qLol6zPaXglNSX4%2FE28lyGfdbgAApYSJ8Nh1c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
865d73881b09f1a4-CDG
alt-svc
h3=":443"; ma=86400
js_composer.min.css
www.royalkadin.com/wp-content/plugins/js_composer/assets/css/ 		474 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
779ae1e963b5e8a5263625a174e34dfcd073775f2893211fc7e304fb70f0e3a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:55:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cvmNxVEgWt1OaA%2BvoCg6uG8Ua9Ss0JJUYaSOZJpo3WxKSYk5mEYpiD2%2BwkRSZ1Rx4K74HU%2Fme6L4mv6IK1ZqJu7kQIaAGqzKxRvyXJA3fRWIpQQjbOrmjTDE6lvCrkwk7iBzfwxEjfAbuTQ77Wl1Qss%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
865d73881b0bf1a4-CDG
alt-svc
h3=":443"; ma=86400
frontend.min.css
www.royalkadin.com/wp-content/themes/jnews/assets/dist/ 		548 KB
90 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.6
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a75b4fcd9a2ca16dd0f928054400cbd522b0d70c642148aec5d27e94c48ef76a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aYRJtxiODBEcKAN40P%2FHlvE4MRkMyeqWd1jsLF73PgujRkPIrKzLjGV132EY8AqLQe43BbVmIOd6%2Ft7x%2Bd27hinKSfbDGtLWr3NP3X%2Fw24T4zieKo1w3zkV%2B5sLjpGFJ3Tv9fdaPokCQIAfZ5sJzo28%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
865d73881b0df1a4-CDG
alt-svc
h3=":443"; ma=86400
js-composer-frontend.css
www.royalkadin.com/wp-content/themes/jnews/assets/css/ 		3 KB
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/themes/jnews/assets/css/js-composer-frontend.css?ver=10.6
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c468f25c66a9aeaa637ca5244f64ec7f967734b2dc2aa92b667cf5316155e81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=177mj5%2Fy%2BDBuAzkb0nDdgKveTF3Zc6f%2BAYDdWtiNNxCwPUM6t9Km2SVMc%2BeIINKt1K9lCzndbf3XL4vBTBjhjnGz072WNoMBKqzC%2B2ypPnAgNkLaNjn06xtg2NthOs4RSBWiIrz1x1tIpn7KrtXGvQk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
865d73881b10f1a4-CDG
alt-svc
h3=":443"; ma=86400
style.css
www.royalkadin.com/wp-content/themes/jnews/ 		425 B
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/themes/jnews/style.css?ver=10.6
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec49e6b0c1be629ef0f70217e014c642b2222583929c9810f4afb2aa4aaba068

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:41:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qeVpJWpwvju7YWesQ6Tze0XhzUSbPSOLWAyAaPTs6epk4VID60IZEv%2FfSVznCU20%2Fg4kM6biCDTItW0EI41uveEG9%2FEUZrD%2BbBTaEnNtRbiXDiORG1mf9ZOD9XXr2JhOXmg4vZi4L81w0j%2BkuBRMQdY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
865d73881b11f1a4-CDG
alt-svc
h3=":443"; ma=86400
darkmode.css
www.royalkadin.com/wp-content/themes/jnews/assets/css/ 		46 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/themes/jnews/assets/css/darkmode.css?ver=10.6
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fadf99638094a841349a5bc82be83289b9b7c795838626f5ab8462763bad224

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0GpKXIbaBKukVKS7nBI0HqvDcyDacoe1wHkLiEJA7dGJpsFRXZzxnRuH2jLTQj4c3Rx9BI%2Brk4QmJtDNMLlSQq%2Be4AvyiFreGpnWcntD7%2BIjYhY3YMju%2B5eyoBFVPpMi6JX1c%2Fke1FT%2BjeiTecXTY%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
865d73881b13f1a4-CDG
alt-svc
h3=":443"; ma=86400
scheme.css
www.royalkadin.com/wp-content/themes/jnews/data/import/reportase/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/themes/jnews/data/import/reportase/scheme.css?ver=10.6
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f78ee77d776fbc480c9060bcbc36b884377df60a35af6336467c3326e8c0bcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:41:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c8elvGNOVZAeMDVVyQ931ty2AIUJts3WkUHbobtSaJtloohIq%2BcMTTFfxtIh2eFdSfE5JdbvHTidJRohZoquNSOYAdJ4wAP5TTfqvgXrZojyCg1LlO8%2B8KknrbMNUNuv7NV%2FzYHoqCAF9H8AnyxPsCE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
865d73881b14f1a4-CDG
alt-svc
h3=":443"; ma=86400
plugin.css
www.royalkadin.com/wp-content/plugins/jnews-social-login/assets/css/ 		2 KB
865 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/plugins/jnews-social-login/assets/css/plugin.css?ver=10.0.2
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c62c820213f1ab28757a744fd3d15b65fc1ac9e148c8db2c50eb8a20959f930

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:50:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g3sNf%2BgAPnPTFJwtHvgPkq4Bn109zaKMmyDD57YXyCnYVHq7aIAqx4KquhTwg5CkBrhv9mvwogft70GWw%2BTVhLWYGrMHmFS1KPLX9qDGJS53%2FVEhG2sHbc49ghu9YyNr9SmlSi1mpVHTeaJQGnklsYU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
865d73881b15f1a4-CDG
alt-svc
h3=":443"; ma=86400
plugin.css
www.royalkadin.com/wp-content/plugins/jnews-social-share/assets/css/ 		1 KB
751 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/plugins/jnews-social-share/assets/css/plugin.css
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5847707988b0ee28c7b583abaabd6c203ad910326e5b9fe12149a0bc8ac43e5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:50:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxMR5NzMROZ1K01dB2gdH8w%2FTe15QLgsu5VTyvz0CJwgOd6PpdB0ZMoma7MjdGVa4tw5IKQzXuMb%2FVP%2F1kSL868aKF4xDY41MrP0hKYV29W4koSEAugRQ9PYGlEuEo%2FMqkVUY%2B8kt9QNPVDMJFNuQBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
865d73881b17f1a4-CDG
alt-svc
h3=":443"; ma=86400
plugin.css
www.royalkadin.com/wp-content/plugins/jnews-weather/assets/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/plugins/jnews-weather/assets/css/plugin.css?ver=10.0.2
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8090175413e5704419b0395fd14158a2c699d36f1deeb67083f1dcde74166c94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:50:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoWkWxtz2PxkhAzz9sRCSR1e52%2F29%2FB%2BYvm1R6dsW6HMYDwgLYuxhsXc6OuzLBsIvln7gcMPFi4wlxSOHbCUnJCc%2FCA07A0A3ZYGWu5QVwUd%2FkUXclNzTolQG2dZyJFA%2FonzKwX0W2mXGlLOf9vCnOc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
865d73881b18f1a4-CDG
alt-svc
h3=":443"; ma=86400
jquery.min.js
www.royalkadin.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 06:41:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNAlaHeZSy4O4jB2B7SyZeScjM9zOdpvy%2FPjczMGW%2FczRZggmgqM2v1y63HRP4uKdY89DRzc8KkVAC8IxPLU99lx3hPOGI6P7YiYNvXYhAEkqae%2FRRWyjX1cYLIsgDOvziDSXN4zpvO8KsIEniArWfI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
865d73884b62f1a4-CDG
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
www.royalkadin.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 09 Aug 2023 06:10:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FGyZ61NdUEcs87JAmc0hxQtLOpOnI78vClBMfkP2GRah%2Ftc3QsIqFTckPHu2habYkkSkLntMZ2u8v%2FuOmHkL2%2FQApp8kvG3v2hja6%2FmfeTHkr2EO18g0HVFaap7IXTre3JCmowlCNJfTYC%2BkRE8VdCM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
865d73884b66f1a4-CDG
alt-svc
h3=":443"; ma=86400
logo_mobile.png
www.royalkadin.com/wp-content/themes/jnews/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.royalkadin.com/wp-content/themes/jnews/assets/img/logo_mobile.png
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f51052bd6497dfa454b67975acb33a59b561443fbbe16a7aac155d4232c77e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:18 GMT
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=75btvYruV5R%2Bi0GoPxhM6khyZYyhNI0uHBoBrzSjfxVPevEme95AC690IX%2BP0H53qERDOGgwb0MIXfMuEYkkkXYx70kRW251OSAJ8Xsj%2B45v%2BMUR%2BBUM5y9zpDgxCRbDqRy4cgAID5oVAjElebDYsd0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
865d73884b71f1a4-CDG
alt-svc
h3=":443"; ma=86400
content-length
2017
jeg-empty.png
www.royalkadin.com/wp-content/themes/jnews/assets/img/ 		70 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.royalkadin.com/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:18 GMT
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M1%2BtFsCeqeXOky5dTg21CEJ%2FO3e1QGHqUSCY60bAjlZ5rn%2F6vmr7F2E1NVnH3e%2FhWiS0M1HlCOcylxTNmTvJPuh49fiDM2CBjNib6eNEpPyeM%2F6x7WYAXGWW1zJ94o67NZEVj7x4MAyB749PM7ZuVJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
865d73884b6bf1a4-CDG
alt-svc
h3=":443"; ma=86400
content-length
70
42cb320e-7184-46c8-b37b-c2e903421c77
https://www.royalkadin.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.royalkadin.com/42cb320e-7184-46c8-b37b-c2e903421c77
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
hoverIntent.min.js
www.royalkadin.com/wp-includes/js/ 		1 KB
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hIANTZlTs70See4Nf2xm2fYjNlycT0zI0MBFPVaJhZ%2Fk4GkmZNFlB9kk7I%2Fyax3RPSoUxZ77Tn5YQh1F6sCitvF8BUYDkIouQsOK4%2Fg%2FLTZhQjYvTiWw2ppMR8vpqsTj%2F51dEvH5O56WlXquomlUenU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
865d73884b73f1a4-CDG
alt-svc
h3=":443"; ma=86400
imagesloaded.min.js
www.royalkadin.com/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 06:41:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BpRyivvBO%2FSCpr0S00emMi1x4woc1pvYf2mZtCaqA6%2FrFTAN2Zplc6iGH4tuKo%2FGRg888kiybzAwLH4GhQGyJyPpxHa%2F9D04VUWKS3ia6QDzQkP9ZIU7eEJ3IDEKox2xh48bxTrNXOXDDRGXsMezk4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
865d73884b78f1a4-CDG
alt-svc
h3=":443"; ma=86400
frontend.min.js
www.royalkadin.com/wp-content/themes/jnews/assets/dist/ 		296 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=10.6
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43555078cd7570c43b63e2e42d278dcd7d7013e53a043737096db1e6df2f4326

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JfryuxzasjWCedcjoFPyUHHY3Ord6YeHfWDSYXbHIFtoT9z%2BrSn2%2FWiuJI%2Fk9XWtI9LCX6eqiMf19o8hE%2B%2Fvuz4afQQx9RWTNhLfYejIT9cLQUrt7ovmrAwJCSiapx6yyxK3Jpntng5mFZChytn9%2Ft4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
865d73884b7bf1a4-CDG
alt-svc
h3=":443"; ma=86400
plugin.js
www.royalkadin.com/wp-content/plugins/jnews-social-login/assets/js/ 		990 B
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/plugins/jnews-social-login/assets/js/plugin.js?ver=10.0.2
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1242fa94be3c8b4f77e19e0098a00ce4714e76b48fcf9fb6c6fb95e978bc5df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:50:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dd0di1epmiHQuQ4VjRzp%2FcvMSXqxjVOL%2FDGKLjyzd192CtCcU1daScrdSRmf8RpF87DLYt62q0YPtwGZ7nnuWecahxnlv4znExp8fkAvI2%2B%2Fp1r5719vZMb22wZg7NguQDHOV66yJGtUqb%2BXtZ1NvMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
865d73884b7ff1a4-CDG
alt-svc
h3=":443"; ma=86400
plugin.js
www.royalkadin.com/wp-content/plugins/jnews-social-share/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/plugins/jnews-social-share/assets/js/plugin.js
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae63276d13de5376dd9d5d0dd2d330cb131ace6ab96008ddcad724acff553cea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:50:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wydO1%2BgMUm3bbevbmEDcNrLBcLF%2Bymy1qap7r%2FZfKwgdskvRJs%2BshOYrHDuiiAZe7Xsii9e0eGKswiXPqbEEc72p3XAQRIKioL6Q3nOoGL619jbBJb4YJ8a8YLGh2IGUYcIHA1odILsMtQRxJjdefQo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
865d73884b82f1a4-CDG
alt-svc
h3=":443"; ma=86400
plugin.js
www.royalkadin.com/wp-content/plugins/jnews-weather/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/plugins/jnews-weather/assets/js/plugin.js?ver=10.0.2
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14fda626da796ba6001f41a90c37863699bb447ee82d31ca8a9ae561e9abfdef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:50:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UOkvXoBqheEktOyyljy1d1fvCpEWxS5dgCvhAO3GgC3ExlPhlZx14tX8JOGy1Hu8qoWCgbfeNTepKK6V6%2FPEICGchw1Swy0UqqOd8EZDynRcEB%2FcS4UGZvKA%2BxM7mqup%2B0Sons0boglsCAUlJsA2qYA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
865d73884b85f1a4-CDG
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7124816659660463
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45f03f8c36574f0c2e878716550d66edf35a5a50cb724fee875a9ab0573db610
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.royalkadin.com/
Origin
https://www.royalkadin.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50757
x-xss-protection
0
server
cafe
etag
5057578470860586776
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 17 Mar 2024 13:50:18 GMT
preloader.gif
www.royalkadin.com/wp-content/themes/jnews/assets/dist/image/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.royalkadin.com/wp-content/themes/jnews/assets/dist/image/preloader.gif
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:20 GMT
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Py18dkXRNwTLgh%2BGBXaJXxwbXcui7gDhoYNx2Fajf2rk8y3oRaGxGyiHt0JXgUlbSSEF61jiPw0hwe%2BtV%2BvNiUdm7Nw9%2FZCgUyVAQI1blvTTuBrvSUzyYr3bTNPoqXe9egfbd0VxBjEqI5p5IUbL4dA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
865d73896827975e-FRA
alt-svc
h3=":443"; ma=86400
content-length
4399
fontawesome-webfont.woff2
www.royalkadin.com/wp-content/themes/jnews/assets/dist/font/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.royalkadin.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.6
Origin
https://www.royalkadin.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:20 GMT
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oNmhf8%2FPsIS3OYNygmVTdiDsX2Y6%2F0j3N7yRNL4q%2BcuPXnRW45mr3oDvqC7JZe5sH%2FodwxkOY4MRphZ7tKbVhXHhN5NU%2FhuUeLmeb4Znv4D0RIAxgvNFovJw%2FksgPY3RaxKMZ545U7hHyBTk37a2AJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
865d7389682a975e-FRA
alt-svc
h3=":443"; ma=86400
content-length
77160
jegicon.woff
www.royalkadin.com/wp-content/themes/jnews/assets/dist/font/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-content/themes/jnews/assets/dist/font/jegicon.woff
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer
https://www.royalkadin.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.6
Origin
https://www.royalkadin.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:20 GMT
cf-cache-status
MISS
last-modified
Sat, 06 Aug 2022 23:41:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcdvcGdyOGTCaH4ohrNIGEIVSfGdvZhLXFmOoxb9P4tHeNtKGlxWhBIGcFsDs7l3VJ3ZNG%2BWzUh4qrpNKzhcU3rHXoGE7ZFNTq1JUL%2Fk704XTnRptU3%2BtjZK%2F5UqHd7Lqn4yOFtFDS8EKf47jZcClKA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
865d7389784b975e-FRA
alt-svc
h3=":443"; ma=86400
content-length
7144
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7124816659660463&plah=www.royalkadin.com&aplac=true&bust=31081901
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7124816659660463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2be41dae8e973d17af2b8e8fbc9751875ac34dc96218434888552d3737c255b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140996
x-xss-protection
0
server
cafe
etag
16691268320632825390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 13:50:19 GMT
wp-emoji-release.min.js
www.royalkadin.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/wp-admin.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 30 Mar 2023 05:39:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=isv0lhOEcQoXwNBJ2sDibbVtCNyIYNljhfJR11LhHX4Z22qMK4akVRsZJczr0Z7PVTkv%2FPqU7BqULzBXcCsgEl%2Fao2yskTHcl8dgapVgHB8T7s2Lo%2FHDHV7cD7qyHavCkt9j5nraaMWphyPKBzXh3CA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
865d73898867975e-FRA
alt-svc
h3=":443"; ma=86400
main.js
www.royalkadin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/ Frame 5371
Redirect Chain
  • https://www.royalkadin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.royalkadin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/wp-admin.zip
Protocol
H3
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88666b4bc57fa25aa09b47a888693739cf65bc511b558459474b7afb548677eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:19 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QrSDuuj2SrF%2Bl1zCo2rz%2FVkbaCupDZJyrp1jsi9DMPhz3eR6%2B2q4%2Fa5TcaowiEhg%2FrPR4CPbNuHfADmCUG1BJwnXQyYJfoSiD%2FbfRzFmgtMRpQmYY%2FGDgiPGwzl2q81wij%2Fb%2BFrDrvTqV%2Fc60c5XChI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
865d7389c8ac975e-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 17 Mar 2024 13:50:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8C9u6pz7noeZBeHCo0seITbkHMiX1wPqniVEjkpzK0X1z6ySEYaffdDAmUcILIg44ovKnfxw8JxhtSzQ1NcApr5%2Fr03D%2FY0mk2bOY33RaXK8VlsnEbyfMAkFxGljaUMsFHC1Nh1DUHEG%2FVSfD6ekhlQ%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
865d73899873975e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
865d73814c15f1a4
www.royalkadin.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5371 		0
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.royalkadin.com/cdn-cgi/challenge-platform/h/b/jsd/r/865d73814c15f1a4
Requested by
Host: www.royalkadin.com
URL: https://www.royalkadin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 17 Mar 2024 13:50:19 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yYGFcxFbLnS3XaIMFMAC4NpL06hUbyLg53QoMRVnu1LUMI58xzAOIR8SXVJdRIZ1e56VyLNj1PLFZEUOQp%2BXJFJlgzPIEeATftUHB5Bqn99J2EpnmEZKoQIuz43h4PLnr8HeyEyreBqYA2qRdGxj590%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
865d738a596d975e-FRA
alt-svc
h3=":443"; ma=86400
ads
pagead2.googlesyndication.com/pagead/ Frame 4A28 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7124816659660463&output=html&adk=1812271804&adf=3025194257&lmt=1710683419&plat=3%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_r&format=0x0&url=https%3A%2F%2Fwww.royalkadin.com%2Fwp-admin.zip&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710683419118&bpp=1&bdt=262&idt=243&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8427883275314&frm=20&pv=2&ga_vid=519488509.1710683419&ga_sid=1710683419&ga_hid=404685544&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081576%2C44795922%2C95327077%2C95327951%2C95327955%2C31081901%2C95320376%2C95322397%2C95325785%2C95326916%2C21065724&oid=2&pvsid=3072126505877733&tmod=1514324369&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=257
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7124816659660463&plah=www.royalkadin.com&aplac=true&bust=31081901
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.royalkadin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Mar 2024 13:50:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7124816659660463&plah=www.royalkadin.com&aplac=true&bust=31081901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a59bcd5732dc3332fa3141d70cb6a35c086e3d778df8ddab49eca02ac5c9e7dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12347
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7124816659660463&plah=www.royalkadin.com&aplac=true&bust=31081901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Mar 2024 13:50:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 487A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.royalkadin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3489
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Mar 2024 12:52:11 GMT
expires
Mon, 17 Mar 2025 12:52:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
pagead2.googlesyndication.com/bg/ Frame 487A 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15583
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Mar 2025 12:52:11 GMT
generate_204
tpc.googlesyndication.com/ Frame 487A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?w7PvDg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 13:50:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=3072126505877733&bg=!0tGl0Z7NAAY_ejuoH3o7ADQBe5WfOCwYwMYX2q9HUTn8JCX9UjTZgqIotwsUqFI7Aazis17PlW2EBbB11M8B4JB6X6LpAgAAAC9SAAAAA2gBBwoAoI57zOQYxMvB8vhY5e88QKdrfcTT1K-iF1-h5rpvqdkC7u4_5ShOXs-VaKAV56C6MvY_1k8NtmOrpHY0ec1qNrx-mYGMzBlMN837RSsMPOIq21uANH30Ys1SZzCquYkst4YdTAHIi1eDbG8TO0MSGdJ2THMdf9L5O4Pw0xBCdHoUSnMbjHJySm4nc_fXFAVQNxc0WHxBohIpQDh_m-ZbXUqZAsUOlN6H0S87CcVkohM9yyjOuzQZqwpub3Cs9hQTJVVY5_EPCSj3OYHGIj9Q9plCb46KJjvJbT-bJyjI2sIPuEv7M1ud4QddCws4SNW9-UVSmmZroka5N4WxiyG9UWtl28dpLGu8XuCR2M3SCDHsWBvUnSi3MZ3UDFoxDhaDL-RAPVCEPU8n-oN-fma0X3zlc2bGe3x1bPrTJ6AkEAkIqDx66_EVq0bCIxtOWlJm0AYY7otfE_AmlSc7QtI33L7QzKeVYhUgtjGN6_mapy7lbpWZKWj4rVMgHGscrIXWLsgNSgbUcRvY7gtp8incfutC1N7uHjYtnv-gan_t9aBk7Bcn1G1xbTgJcJeHE6hCbOC3UZHHBp4vGqQpFxGGQ12-BWw-eWwiIQep-6MZzZGSB1PY9XrRWKU7saTbQYmLihzStY07FK1CHH2XsDdVCT9ZrIBnlHB4RHqX192pp7FRZxVDhojdM8-pL5Nn6QeZikVDHRi0Rt-nIb-m3xN0hxiqttnI3X58770RSFkKw04Go6kq3Ripx6in0jerU9e3Zo-dmW8_sTnMXOmbRVdtSEqKa__iUerpIDfakoePXHJErRLeTh3XrRSsuHEBPr4FPqlYuwp0oxjbWcbRUUWcGnPcs0z9ZqhEDcTvsMcX9p_rwMmAFaaPsbJkzMnhH7xR29n5rY1T_cERQdNu8jPRY8PMKpxaMS8IH_7oSFwn0OB-sAu6azyr5835VD9XG_vE9qCNlxzxsVBG8tPu3LIkhewnIhwKXe6wf9aLzkTbog7UMQcGtkBuZFAhfpIv3HOpHIHRKGiY9ZK3ulTT0ZsWBrPXXwCPFdAholCGYy-sS7bhyzsT0UI_HRJq3DIiMjsHh7NIGp7OWE3ActrTUbA61kwHYjZNsy52c7mPgKqa_B_PHEA5lES2Ak-gv0LnH1NAOXPtBCix9HSz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.royalkadin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| jnews_ajax_url function| _0x210afa function| _0xd6e2 function| _0x4d7f object| jnews object| jnewsDataStorage object| _wpemojiSettings object| jnews_module__0_65f6f51ab2d84 object| jfla object| jnewsoption object| jnews_select_share number| myVar function| myTimer function| myStopFunction function| gizle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages undefined| $ function| jQuery function| EvEmitter function| imagesLoaded object| twemoji object| wp object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.royalkadin.com/ Name: cf_clearance
Value: NWu17f1RpSQ6pgwPhWsP4z3fCS9MTnlyRT.Y3HqHYkw-1710683419-1.0.1.1-l_5_FqnuErKpSOjtqXLAI.4EUIT8kWw4oq4v45YHyaSSZwTI73aqbM2LKZYnFJbHH9TJh8jr_vR2onenCBx5SQ

2 Console Messages

Source Level URL
Text
network error URL: https://www.royalkadin.com/wp-admin.zip
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7124816659660463&output=html&adk=1812271804&adf=3025194257&lmt=1710683419&plat=3%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_r&format=0x0&url=https%3A%2F%2Fwww.royalkadin.com%2Fwp-admin.zip&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710683419118&bpp=1&bdt=262&idt=243&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8427883275314&frm=20&pv=2&ga_vid=519488509.1710683419&ga_sid=1710683419&ga_hid=404685544&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081576%2C44795922%2C95327077%2C95327951%2C95327955%2C31081901%2C95320376%2C95322397%2C95325785%2C95326916%2C21065724&oid=2&pvsid=3072126505877733&tmod=1514324369&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=257
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pagead2.googlesyndication.com
royalkadin.com
tpc.googlesyndication.com
www.royalkadin.com
2606:4700:3031::6815:3243
2a00:1450:4001:803::2001
2a00:1450:4001:827::2002
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
14fda626da796ba6001f41a90c37863699bb447ee82d31ca8a9ae561e9abfdef
1c468f25c66a9aeaa637ca5244f64ec7f967734b2dc2aa92b667cf5316155e81
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3fadf99638094a841349a5bc82be83289b9b7c795838626f5ab8462763bad224
43555078cd7570c43b63e2e42d278dcd7d7013e53a043737096db1e6df2f4326
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45f03f8c36574f0c2e878716550d66edf35a5a50cb724fee875a9ab0573db610
4c62c820213f1ab28757a744fd3d15b65fc1ac9e148c8db2c50eb8a20959f930
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5847707988b0ee28c7b583abaabd6c203ad910326e5b9fe12149a0bc8ac43e5c
5f78ee77d776fbc480c9060bcbc36b884377df60a35af6336467c3326e8c0bcf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
779ae1e963b5e8a5263625a174e34dfcd073775f2893211fc7e304fb70f0e3a7
8090175413e5704419b0395fd14158a2c699d36f1deeb67083f1dcde74166c94
88666b4bc57fa25aa09b47a888693739cf65bc511b558459474b7afb548677eb
a59bcd5732dc3332fa3141d70cb6a35c086e3d778df8ddab49eca02ac5c9e7dd
a75b4fcd9a2ca16dd0f928054400cbd522b0d70c642148aec5d27e94c48ef76a
ae63276d13de5376dd9d5d0dd2d330cb131ace6ab96008ddcad724acff553cea
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
c1242fa94be3c8b4f77e19e0098a00ce4714e76b48fcf9fb6c6fb95e978bc5df
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d09d48fffac3c913401ef6ef6221d4a481ce6be03b79bbbc5a28755576397ee5
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec49e6b0c1be629ef0f70217e014c642b2222583929c9810f4afb2aa4aaba068
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
f2be41dae8e973d17af2b8e8fbc9751875ac34dc96218434888552d3737c255b
f51052bd6497dfa454b67975acb33a59b561443fbbe16a7aac155d4232c77e79