URL: https://www.realmoney.games/
Submission: On October 29 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 47 HTTP transactions. The main IP is 194.1.147.9, located in Chicago, United States and belongs to WPX, BG. The main domain is www.realmoney.games.
TLS certificate: Issued by R3 on August 15th 2021. Valid for: 3 months.
This is the only time www.realmoney.games was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
11 pagead2.googlesyndication.com www.realmoney.games
pagead2.googlesyndication.com
tpc.googlesyndication.com
9 cdn1.pegasaas.io www.realmoney.games
7 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.realmoney.games cdn1.pegasaas.io
1 www.googletagservices.com googleads.g.doubleclick.net
1 www8.afsanalytics.com code.afsanalytics.com
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 code.afsanalytics.com www.realmoney.games
47 14
Subject Issuer Validity Valid
realmoney.games
R3
2021-08-15 -
2021-11-13
3 months crt.sh
*.globalcdn.io
Amazon
2020-12-09 -
2022-01-07
a year crt.sh
*.afsanalytics.com
AlphaSSL CA - SHA256 - G2
2021-10-03 -
2022-11-04
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.google.de
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
www.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.realmoney.games/
Frame ID: 468FF1981EA2C394E333B8D28F98917D
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/zrt_lookup.html
Frame ID: 28820C9AE5B620DD4DD068396090AC5E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3219119965238567&output=html&adk=1812271804&adf=3025194257&lmt=1634101566&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.realmoney.games%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635538886573&bpp=2&bdt=1943&idt=88&shv=r20211026&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8142747779696&frm=20&pv=2&ga_vid=1309478403.1635538887&ga_sid=1635538887&ga_hid=44280953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063295&oid=2&pvsid=2841516649387237&pem=6&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=107
Frame ID: 64755D1B2277F83653D35D1BB98FC398
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DC6889E1194907AE78A702CF28991F76
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A128B8D9FB81F92136BCEE3CAF6BF43C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Frame ID: E27445342C6CC4596620C90F0AA82AD8
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 5361F178480FD4F6A8E2BE69456B5287
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js
Frame ID: 0F98FD761C12FF571F8C8F5AB47D5B9F
Requests: 1 HTTP requests in this frame

Screenshot


Page Statistics

47
Requests

98 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

15
IPs

2
Countries

793 kB
Transfer

2205 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.realmoney.games/
460 KB
73 KB
Document
General
Full URL
https://www.realmoney.games/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.1.147.9 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/FF / Pegasaas Accelerator WP 3.8.10
Resource Hash
9bd66f06fe197d0f98c627d0fa9055b934ba1b465f537984a066eb8c6f9c06ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-cache
expires
Fri, 29 Oct 2021 20:21:24 GMT
content-type
text/html; charset=UTF-8
last-modified
Wed, 13 Oct 2021 05:06:06 GMT
etag
"730ca-6166693e-e91a22a86f841b71;br"
accept-ranges
bytes
content-encoding
br
vary
Accept-Encoding
content-length
74213
date
Fri, 29 Oct 2021 20:21:24 GMT
server
WPX CLOUD/FF
x-pegasaas-cache
HIT
x-powered-by
Pegasaas Accelerator WP 3.8.10
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
DENY
referrer-policy
no-referrer-when-downgrade
permissions-policy
geolocation=(self "https://www.realmoney.games"), microphone=()
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by
LiteSpeed
age
0
x-cache
MISS
x-edge-location
WPX CLOUD/FF
semi-critical-1634101562.css
cdn1.pegasaas.io/46df/css/wp-content/pegasaas-cache/
14 KB
3 KB
Stylesheet
General
Full URL
https://cdn1.pegasaas.io/46df/css/wp-content/pegasaas-cache/semi-critical-1634101562.css
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-47.fra60.r.cloudfront.net
Software
nginx / PleskLin
Resource Hash
4c88edd12cd064979abc0e8c35cb7a574ef2bc911c58cca171ccbd35aa2d9658

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 00:08:05 GMT
content-encoding
gzip
age
72799
x-powered-by
PleskLin
x-cache
Hit from cloudfront
x-pegasaas-cache
HIT
content-length
2576
access-control-allow-origin
*
last-modified
Mon, 25 Oct 2021 13:30:26 GMT
server
nginx
etag
"360b-5cf2d5d19c080-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
cache-control
max-age=31536000, max-age=31536000, public
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
nbZjpEccR_vLwCxx63GZC1gvgYVDsidLTuvWHBMzbOgp9FqpQWpUug==
expires
Sat, 29 Oct 2022 00:08:05 GMT
S6uyw4BMUTPHjx4wXg.woff2
cdn1.pegasaas.io/46df/css/wp-content/astra-local-fonts/lato/
23 KB
23 KB
Font
General
Full URL
https://cdn1.pegasaas.io/46df/css/wp-content/astra-local-fonts/lato/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-47.fra60.r.cloudfront.net
Software
nginx / PHP/7.4.24, PleskLin
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Request headers

Referer
https://www.realmoney.games/
Origin
https://www.realmoney.games
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 14:26:42 GMT
via
1.1 319f376925908156190f5fc160137b43.cloudfront.net (CloudFront)
etag
b4d2c4c39853ee244272c04999b230ba
age
2094882
x-powered-by
PHP/7.4.24, PleskLin
x-cache
Hit from cloudfront
cache-tag
46df 46dfwoff2
x-pegasaas-cache
MISS
content-length
23484
last-modified
Tue, 05 Oct 2021 14:26:42 GMT
server
nginx
x-pegasaas-load
7
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
1zRekHqfcKv9q1PFmnXa-7gcoU4mrCBN8jr6t3cRsvTy-zh7uavyUw==
expires
Wed, 05 Oct 2022 14:26:42 GMT
f60783da-87db-4a83-9699-a4460cd7355f
https//www.realmoney.games/
1 KB
0
Other
General
Full URL
blob:https://www.realmoney.games/f60783da-87db-4a83-9699-a4460cd7355f
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ad59ede01d71e8d351c834c3cd8f3c7a93654546b27db1300f65de580df15c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
1220
Content-Type
text/javascript
S6u9w4BMUTPHh6UVSwiPGQ.woff2
cdn1.pegasaas.io/46df/css/wp-content/astra-local-fonts/lato/
22 KB
23 KB
Font
General
Full URL
https://cdn1.pegasaas.io/46df/css/wp-content/astra-local-fonts/lato/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-47.fra60.r.cloudfront.net
Software
nginx / PHP/7.4.24, PleskLin
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Request headers

Referer
https://www.realmoney.games/
Origin
https://www.realmoney.games
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 14:26:42 GMT
via
1.1 319f376925908156190f5fc160137b43.cloudfront.net (CloudFront)
etag
1efbd38aa76ddae2580fedf378276333
age
2094882
x-powered-by
PHP/7.4.24, PleskLin
x-cache
Hit from cloudfront
cache-tag
46df 46dfwoff2
x-pegasaas-cache
MISS
content-length
22992
last-modified
Tue, 05 Oct 2021 14:26:42 GMT
server
nginx
x-pegasaas-load
8
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
P5W874RV131C49A3spGdYaOKL7iUd57Id0or0X54VJ0TIIJeOK30ag==
expires
Wed, 05 Oct 2022 14:26:42 GMT
astra.woff.compressed-to.woff2
cdn1.pegasaas.io/46df/css/wp-content/themes/astra/assets/fonts/
2 KB
2 KB
Font
General
Full URL
https://cdn1.pegasaas.io/46df/css/wp-content/themes/astra/assets/fonts/astra.woff.compressed-to.woff2
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-47.fra60.r.cloudfront.net
Software
nginx / PHP/7.4.24, PleskLin
Resource Hash
21d2d44493443e9b193cd5ac1c3d58db17556f91f1956cd861d3e7d180e1dfdc

Request headers

Referer
https://www.realmoney.games/
Origin
https://www.realmoney.games
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 14:26:43 GMT
via
1.1 319f376925908156190f5fc160137b43.cloudfront.net (CloudFront)
etag
eda5499c6e74f075075f478afc0bd482
age
2094880
x-powered-by
PHP/7.4.24, PleskLin
x-cache
Hit from cloudfront
cache-tag
46df 46dfwoff2
x-pegasaas-cache
MISS
content-length
1832
last-modified
Tue, 05 Oct 2021 14:26:43 GMT
server
nginx
x-pegasaas-load
8
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
GHJtS_Z1e6DYZGpcqEmV-E9aM6gFeNjV3jSc7KwfWIvVa1qOLrCUcQ==
expires
Wed, 05 Oct 2022 14:26:43 GMT
modules.woff.compressed-to.woff2
cdn1.pegasaas.io/46df/css/wp-content/plugins/divi-builder/core/admin/fonts/modules/all/
29 KB
30 KB
Font
General
Full URL
https://cdn1.pegasaas.io/46df/css/wp-content/plugins/divi-builder/core/admin/fonts/modules/all/modules.woff.compressed-to.woff2
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-47.fra60.r.cloudfront.net
Software
nginx / PleskLin
Resource Hash
0a186186e8c3f6ee6b237ca9fee6189527131fdd53b88672da91d812de3fa3c0

Request headers

Referer
https://www.realmoney.games/
Origin
https://www.realmoney.games
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 14:53:53 GMT
via
1.1 319f376925908156190f5fc160137b43.cloudfront.net (CloudFront)
age
2093251
x-powered-by
PleskLin
x-cache
Hit from cloudfront
x-pegasaas-cache
MISS
content-length
29928
last-modified
Tue, 05 Oct 2021 14:26:44 GMT
server
nginx
etag
"74e8-5cd9bd19e7100"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
sedfhE2ZyVetMl6YAVwJ1irr6GIcKA-CpXrr1edSY3phiKDtKKdH3g==
expires
Wed, 05 Oct 2022 14:53:53 GMT
real-money-games-home-page-logo.jpg
cdn1.pegasaas.io/46df/img/wp-content/uploads/2021/06/
46 KB
46 KB
Image
General
Full URL
https://cdn1.pegasaas.io/46df/img/wp-content/uploads/2021/06/real-money-games-home-page-logo.jpg
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-47.fra60.r.cloudfront.net
Software
nginx / PleskLin
Resource Hash
c55c351680b6f0e55abd5709619bfd76a1a6c823cc3afbf6881e3b199520cbcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 06:21:07 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
age
1864817
x-powered-by
PleskLin
x-cache
Hit from cloudfront
x-pegasaas-cache
MISS
content-length
46940
last-modified
Wed, 06 Oct 2021 11:31:10 GMT
server
nginx
etag
"b75c-5cdad7b95bb80"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
kg2VGfjLNDCmlTKYO-pL5zvdxnmge2ZHiMj07kNcZvgvMP4cflILOw==
expires
Sat, 08 Oct 2022 06:21:07 GMT
skill-games-for-money.jpg
cdn1.pegasaas.io/46df/img/wp-content/uploads/2021/06/
36 KB
36 KB
Image
General
Full URL
https://cdn1.pegasaas.io/46df/img/wp-content/uploads/2021/06/skill-games-for-money.jpg
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-47.fra60.r.cloudfront.net
Software
nginx / PleskLin
Resource Hash
d4d0fe576ed04c5a9ff78e041cb0cbc57f9fc3f90bf3f2fcfcabc38004ca7e28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:21:24 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-powered-by
PleskLin
x-cache
Miss from cloudfront
x-pegasaas-cache
MISS
content-length
36600
last-modified
Wed, 06 Oct 2021 06:36:50 GMT
server
nginx
etag
"8ef8-5cda95ef78480"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
3lMrA_owUwkBGsMShNHpEOmdwCfhLYMDT5td6e3fhrP654225b3wpg==
expires
Sat, 29 Oct 2022 20:21:24 GMT
real-money-games-of-chance.jpg
cdn1.pegasaas.io/46df/img/wp-content/uploads/2021/06/
50 KB
51 KB
Image
General
Full URL
https://cdn1.pegasaas.io/46df/img/wp-content/uploads/2021/06/real-money-games-of-chance.jpg
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-47.fra60.r.cloudfront.net
Software
nginx / PleskLin
Resource Hash
038835fd3e7fd7949b1a9cb252ad58ad35853447236b8cbb564fc690b751fa97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:21:25 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-powered-by
PleskLin
x-cache
Miss from cloudfront
x-pegasaas-cache
MISS
content-length
51424
last-modified
Wed, 06 Oct 2021 06:36:50 GMT
server
nginx
etag
"c8e0-5cda95ef78480"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
zffQDpzxSMqT24DOqZ0o3o8Whx_XMY6BrlG4OFU8z0m0icpTJRN1TQ==
expires
Sat, 29 Oct 2022 20:21:25 GMT
analytics.js
code.afsanalytics.com/js/
86 KB
24 KB
Script
General
Full URL
https://code.afsanalytics.com/js/analytics.js
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.57.44 Newark, United States, ASN16276 (OVH, FR),
Reverse DNS
code.afsanalytics.com
Software
Apache /
Resource Hash
0fd5df88a668e5e342127a6c22ed6334386e0313c0b94f211cb4d272afca5ae7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 29 Oct 2021 20:21:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Oct 2020 14:28:37 GMT
Server
Apache
ETag
"156ff-5b0d92e71df1b-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
23853
Expires
Fri, 29 Oct 2021 21:21:25 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
398bc46da12b771055e1ef7d370871aa1b018f4ac9017b055ae89b739820e868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51583
x-xss-protection
0
server
cafe
etag
88598481482525639
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 20:21:26 GMT
bundle-js-1634101562.js
cdn1.pegasaas.io/46df/js/wp-content/pegasaas-cache/
382 KB
105 KB
Script
General
Full URL
https://cdn1.pegasaas.io/46df/js/wp-content/pegasaas-cache/bundle-js-1634101562.js
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-47.fra60.r.cloudfront.net
Software
nginx / PleskLin
Resource Hash
13909b5f1d645883e519a46dd0c0c1389627f2fcadd89de55d4187e0c589c4aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:21:26 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P3
x-powered-by
PleskLin
x-cache
Miss from cloudfront
x-pegasaas-cache
HIT
access-control-allow-origin
*
last-modified
Mon, 25 Oct 2021 09:13:26 GMT
server
nginx
etag
"5f9c7-5cf29c5ff3980-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
1mBJY0dBsm8ruWQEGEw253PbCpopSa_CJW9rhf2Vr0apTMIl4KiAXQ==
expires
Sat, 29 Oct 2022 20:21:26 GMT
show_ads_impl_with_ama_fy2019.js?client=ca-pub-3219119965238567&plah=www.realmoney.games
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/
269 KB
97 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3219119965238567&plah=www.realmoney.games
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
6a9a5bafa80bff7a29351962671bfafad98917892a6ae4830b45fc7aa4d11bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98743
x-xss-protection
0
server
cafe
etag
4242715592925228197
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 20:21:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/ Frame 2882
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 29 Oct 2021 16:23:50 GMT
expires
Fri, 12 Nov 2021 16:23:50 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
14256
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js?domain=www.realmoney.games&callback=_gfp_s_&client=ca-pub-3219119965238567
partner.googleadservices.com/gampad/
205 B
640 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.realmoney.games&callback=_gfp_s_&client=ca-pub-3219119965238567
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3219119965238567&plah=www.realmoney.games
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d0d654bf493a467ba511c90bfa36d8a9e68a369c28cfa204c29e95112cff8b97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js?domain=www.realmoney.games
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.realmoney.games
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3219119965238567&plah=www.realmoney.games
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Oct 2021 20:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js?domain=www.realmoney.games
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.realmoney.games
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3219119965238567&plah=www.realmoney.games
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Oct 2021 20:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads?client=ca-pub-3219119965238567&output=html&adk=1812271804&adf=3025194257&lmt=1634101566&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&fo...
googleads.g.doubleclick.net/pagead/ Frame 6475
153 KB
41 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3219119965238567&output=html&adk=1812271804&adf=3025194257&lmt=1634101566&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.realmoney.games%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635538886573&bpp=2&bdt=1943&idt=88&shv=r20211026&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8142747779696&frm=20&pv=2&ga_vid=1309478403.1635538887&ga_sid=1635538887&ga_hid=44280953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063295&oid=2&pvsid=2841516649387237&pem=6&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=107
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3219119965238567&plah=www.realmoney.games
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
1847e3aa8cc07116e8f30cf63c5ec5766fd937876eaa79f9f0eb37a7927671f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 29 Oct 2021 20:21:27 GMT
server
cafe
content-length
41799
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 29 Oct 2021 20:21:27 GMT
cache-control
private
sodar?sv=200&tid=gda&tv=r20211026&st=env
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211026&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3219119965238567&plah=www.realmoney.games
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
585396812fa714a22ef773bd528c8cd628ab7f36ca02efd1bbd9c2ab649d51c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Oct 2021 20:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8482
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3219119965238567&plah=www.realmoney.games
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 29 Oct 2021 20:21:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DC68
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 29 Oct 2021 19:57:37 GMT
expires
Sat, 29 Oct 2022 19:57:37 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1429
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A128
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
791db71aa82200dd2edaa769bf323023984b206ef92a9a582c9ee141fb8046dc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/BdOIhgLJdNrn4tAWbP6Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 29 Oct 2021 20:21:26 GMT
date
Fri, 29 Oct 2021 20:21:26 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-/BdOIhgLJdNrn4tAWbP6Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
connect.cgi?usr=00833838Pauto&json=1&localcook=0&js=1&page=titleindex&title=Real%20Money%20Games%20Guide%20%7C%2021%20Ways%20to%20Play%20Online%20Gambling%20Games%20for%20Cash%20Prizes&url=https%3A...
www8.afsanalytics.com/cgi-bin/
270 B
893 B
XHR
General
Full URL
https://www8.afsanalytics.com/cgi-bin/connect.cgi?usr=00833838Pauto&json=1&localcook=0&js=1&page=titleindex&title=Real%20Money%20Games%20Guide%20%7C%2021%20Ways%20to%20Play%20Online%20Gambling%20Games%20for%20Cash%20Prizes&url=https%3A%2F%2Fwww.realmoney.games%2F&refer=&view=4&mpix=1200&zb=1&cv=7&resolution=1600x1200&color=24&Tips=0.6349093262662195
Requested by
Host: code.afsanalytics.com
URL: https://code.afsanalytics.com/js/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.104.202 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
www8.afsanalytics.com
Software
Apache /
Resource Hash
bdb53e82984867714f3caacbc6985384da3579b8be3e39fe4c1d34342f48da46

Request headers

Accept
application/json
Referer
https://www.realmoney.games/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 29 Oct 2021 20:21:27 GMT
Server
Apache
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="ADMa OUR UNI NID DSP NOI COR"
Access-Control-Allow-Origin
https://www.realmoney.games
Access-Control-Max-Age
7200
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Headers
X-Forwarded-For, Forwarded-For, X-Client-IP, Client-IP, X-Real-IP, X-Requested-With, Content-Type,withCredentials
Keep-Alive
timeout=15
Expires
Tue, 20 Aug 1996 14:25:27 GMT
sodar?id=sodar2&v=224&li=gda_r20211026&jk=2841516649387237&rc=
pagead2.googlesyndication.com/pagead/ Frame A128
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211026&jk=2841516649387237&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js
pagead2.googlesyndication.com/bg/ Frame DC68
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
ad8b12962ae8e7b1e5a90d30d5daf381777909bcc20b06faa9d148b888f6cc8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 18:22:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
93545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13232
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 28 Oct 2022 18:22:21 GMT
gen_204?id=sodar2&v=224&t=2&li=gda_r20211026&jk=2841516649387237&bg=!4eKl4qbNAAbUs_yW1LM7ACkAdvg8WhjjAR-jJQeTx7yyLUOWdAycWK82iCqbB2IKzLuDuJNpdtdXJAIAAABmUgAAAApoAQeZArnBKv43VxxCTo9WzCjHjv4BvocBF6vM...
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211026&jk=2841516649387237&bg=!4eKl4qbNAAbUs_yW1LM7ACkAdvg8WhjjAR-jJQeTx7yyLUOWdAycWK82iCqbB2IKzLuDuJNpdtdXJAIAAABmUgAAAApoAQeZArnBKv43VxxCTo9WzCjHjv4BvocBF6vMYSxjtMEBOCQ5sPGVZq0oEvdVi-HF8KVj-vztBMCvxmeWUxBvM2aLi-JjAcQC-Ddz1t_b3XSdUw0voFtq5uRdN9MoaUHNffXWDhb5jwBRPsc7i4rBN_8TU4xEwaTGSIPiGSJVtJhv1HjJbz7MLzRSa0On9nEGL-ETKq6PSosx2_RRBRsmZ3BUwdSnOEQ6bvyfjB_c5EKfjtJ7M0M7Copa_ea6B4uIF5kXzDgyBWYu-k2WQtlK7Oa2rnFNv17x2AWlNyF9v1QyBIPGU8yKD-HDbc3cOiYyL5X-tb3rjfOQvsJV_LeqAFT_wTZKmtqS9Lj2ITGTa-_jVXXVxVdFknDn99CtOGS2F55QqmirXAe74pABKHB44UWQFLTfkaI_GD4Oebgfmli8rkiBAUprrR6Yy-dRgbu7dyx9bp55p9bTY_o2V-mitRMduGYda2m8BtT0FfUFxMC_nS2b-Ox8tIdMBfdOfLfwoEcQDNQxpCzCXyxzH3lGGlUPzOe5StMXl02HQtgdBh8h9ovtbUajFjlCFG5O4k7v7icWVf5EV_PTSfx-DFpu_PfTQhFk1WRjrfH_M5z5e-GTk_3-D_2-9hyCJ62Zx3ihhQVPgqEpacaixiZez78lKNf4Z_X_DBJmINM-3VV3L0aYCYuh3yEf_Vx2fPNfQBCM8PFTwFy0hI4d2Ag096CxGj9HRTRwz_nrEenCFeYDvYAgkX3XripqD7776CbQlVGUicFd5T6-E8IKAl95yI_2zt5jiIC-VvievdCJCf9IMZLKMvi---Xjql7q760pK8CRmWy1_wk4v5OqF-hsZFK2SHd6fzHlWh6ijlACft-qpgKbLTRkxzylt2yqTLGdhkejVOpR8DFcE007G2SX5T8MTEW8jH8jYkZN3nLZZw0A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 20:21:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
et-divi-builder-dynamic-29530-late.css
www.realmoney.games/wp-content/et-cache/29530/
718 B
360 B
Stylesheet
General
Full URL
https://www.realmoney.games/wp-content/et-cache/29530/et-divi-builder-dynamic-29530-late.css
Requested by
Host: cdn1.pegasaas.io
URL: https://cdn1.pegasaas.io/46df/js/wp-content/pegasaas-cache/bundle-js-1634101562.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.1.147.9 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/FF / Pegasaas Accelerator WP 3.8.10
Resource Hash
2cdf32c98ea5a9a0a22993fa267b97742880149b84677513bd02eac9f3585c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:21:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
x-edge-location
WPX CLOUD/FF
x-powered-by
Pegasaas Accelerator WP 3.8.10
x-cache
MISS
x-pegasaas-cache
MISS
vary
Accept-Encoding
content-length
195
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Oct 2021 05:05:42 GMT
server
WPX CLOUD/FF
x-frame-options
DENY
etag
"2ce-61666926-eb3a0cf5f899386;br"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=UTF-8
cache-control
private, max-age=0, no-cache
permissions-policy
geolocation=(self "https://www.realmoney.games"), microphone=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 29 Oct 2022 20:21:27 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/
143 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3219119965238567&plah=www.realmoney.games
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
d9c894588132662e56bfd636ab19a57831c4fe106a207a453f20b3be316732b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52781
x-xss-protection
0
server
cafe
etag
15138605428841842935
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 20:21:27 GMT
gen_204?id=rasra::pm&rt=8&c=ca-pub-3219119965238567&eid=31063295
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8&c=ca-pub-3219119965238567&eid=31063295
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 20:21:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204?id=ama_success&c=2&wpc=ca-pub-3219119965238567&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=false&a=6%2C1%2C5%2C7&apv=20211026_113626&sat=1635344919233&afm=0&as_count=0&d_count=0&ng_count=0&...
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-3219119965238567&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=false&a=6%2C1%2C5%2C7&apv=20211026_113626&sat=1635344919233&afm=0&as_count=0&d_count=0&ng_count=0&am_count=2&atf_count=0&mdns=0&alldns=0.018&allp=49&fd=(0%2C10%2C0)%2C(1%2C0%2C0)%2C(2%2C2%2C2)&pgh=31504&su=www.realmoney.games&pvc=2841516649387237&r=0.1&eid=31063295
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 20:21:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204?id=rasra::pr&rt=8&c=ca-pub-3219119965238567&eid=31063295
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8&c=ca-pub-3219119965238567&eid=31063295
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 20:21:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js?domain=www.realmoney.games
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.realmoney.games
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3219119965238567&plah=www.realmoney.games
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Oct 2021 20:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js?domain=www.realmoney.games
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.realmoney.games
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3219119965238567&plah=www.realmoney.games
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Oct 2021 20:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html?fsb=1
googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/ Frame E274
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3219119965238567&plah=www.realmoney.games
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.realmoney.games/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 29 Oct 2021 16:35:44 GMT
expires
Fri, 12 Nov 2021 16:35:44 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
13543
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2?family=Roboto:wght@400;700&display=swap
fonts.googleapis.com/ Frame E274
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 19:10:26 GMT
server
ESF
date
Fri, 29 Oct 2021 20:21:27 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Fri, 29 Oct 2021 20:21:27 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E274
205 B
743 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 14:03:33 GMT
x-content-type-options
nosniff
age
22674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 29 Oct 2022 14:03:33 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E274
604 B
696 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 13:01:21 GMT
x-content-type-options
nosniff
age
285606
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 26 Oct 2022 13:01:21 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/ Frame E274
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
0d708e6899a77c81a9547e6d36f81d91d4391f1202c6cc973df9f5c106ece767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
16949158767468107603
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Nov 2021 19:59:54 GMT
css?family=Google%20Sans%3A400%2C500
fonts.googleapis.com/ Frame 5361
3 KB
580 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 19:09:01 GMT
server
ESF
date
Fri, 29 Oct 2021 20:21:27 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Fri, 29 Oct 2021 20:21:27 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 5361
2 KB
912 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:18:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Nov 2021 20:18:16 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 5361
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7760
x-xss-protection
0
server
cafe
etag
2659786357195577193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Nov 2021 20:18:42 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 5361
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Nov 2021 20:18:08 GMT
rx_lidar.js?cache=r20110914
www.googletagservices.com/activeview/js/current/ Frame 5361
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635161763799786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Oct 2021 20:21:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 5361
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6337
x-xss-protection
0
server
cafe
etag
7721474052657771746
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Nov 2021 20:14:47 GMT
9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019
www.gstatic.com/mysidia/ Frame 5361
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 15:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11281
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 10:17:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 25 Jan 2022 15:17:06 GMT
LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js
pagead2.googlesyndication.com/bg/ Frame 0F98
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js
Requested by
Host: www.realmoney.games
URL: https://www.realmoney.games/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 21:18:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
169360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13394
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 27 Oct 2022 21:18:47 GMT

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| pegasaas string| gprid function| loadCSS string| AfsAnalyticsObject function| aa function| pegasaas_preload_iframe object| pegasaas_lazy_loaded_iframes object| config_iframe undefined| index object| iframe_observer function| onIFrameIntersection boolean| pegasaas_styles_lazy_loaded function| lazy_load_styles function| pegasaas_is_mobile function| pa_delay_stylesheet_load function| pa_load_delayed_stylesheet function| pegasaas_preload_image object| images_config object| pegasaas_lazy_loaded_images object| pegasaas_fg_image_observer object| pegasaas_root_target_node object| pegasaas_fg_mutation_config function| onImageIntersection function| pegasaas_fg_image_mutation_callback object| pegasaas_fg_image_mutation_observer object| mutation object| img object| all_scripts number| script_count object| script object| pegasaas_content_event function| pa_lls_is_mobile function| pa_lazy_load_scripts_on_scroll function| pa_lazy_load_script function| pa_load_inline_block_dependants function| pa_load_delayed_inline_block function| pa_load_delayed_script function| pa_delay_script_load function| pa_initialize_script_lazy_loading object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms number| afsdebug number| oldfocus number| afslogo function| encodeWrapper function| decodeWrapper function| aa_listen_clicked function| aa_clicked string| FirstTrackerName object| google_image_requests object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent object| astraAddon function| display_mega_menu_on_load object| items function| apply_megamenu_width_styles object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements undefined| $ function| jQuery string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle object| AstraMenu function| astraToggleSetupPro function| astraNavMenuTogglePro function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars object| wp string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| et_calculate_fullscreen_section_size function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class object| google_llp number| google_lpabyc object| googletag

5 Cookies

Domain/Path Name / Value
.realmoney.games/ Name: __gads
Value: ID=5fedec6325d990f6-221b47f504cb0081:T=1635538886:RT=1635538886:S=ALNI_MbyoBPDD7WnJM6QT2og3lk0_DWrmQ
www.realmoney.games/ Name: cookielawinfo-checkbox-necessary
Value: yes
www.realmoney.games/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.realmoney.games/ Name: _aa_main_00833838
Value: 833838x7966x120x143135x7966x120

12 Console Messages

Source Level URL
Text
worker info URL: blob:https://www.realmoney.games/f60783da-87db-4a83-9699-a4460cd7355f(Line 30)
Message:
preloading https://cdn1.pegasaas.io/46df/css/wp-content/astra-local-fonts/lato/S6uyw4BMUTPHjxAwXjeu.woff2
worker info URL: blob:https://www.realmoney.games/f60783da-87db-4a83-9699-a4460cd7355f(Line 30)
Message:
preloading https://cdn1.pegasaas.io/46df/css/wp-content/astra-local-fonts/lato/S6uyw4BMUTPHjx4wXg.woff2
worker info URL: blob:https://www.realmoney.games/f60783da-87db-4a83-9699-a4460cd7355f(Line 30)
Message:
preloading https://cdn1.pegasaas.io/46df/css/wp-content/themes/astra/assets/fonts/astra.woff.compressed-to.woff2
worker info URL: blob:https://www.realmoney.games/f60783da-87db-4a83-9699-a4460cd7355f(Line 30)
Message:
preloading https://cdn1.pegasaas.io/46df/css/wp-content/plugins/divi-builder/core/admin/fonts/modules/all/modules.woff.compressed-to.woff2
worker info URL: blob:https://www.realmoney.games/f60783da-87db-4a83-9699-a4460cd7355f(Line 30)
Message:
preloading https://cdn1.pegasaas.io/46df/css/wp-content/themes/astra/assets/fonts/astra.woff.compressed-to.woff2
worker info URL: blob:https://www.realmoney.games/f60783da-87db-4a83-9699-a4460cd7355f(Line 30)
Message:
preloading https://cdn1.pegasaas.io/46df/css/wp-content/plugins/divi-builder/core/admin/fonts/modules/all/modules.woff.compressed-to.woff2
worker info URL: blob:https://www.realmoney.games/f60783da-87db-4a83-9699-a4460cd7355f(Line 17)
Message:
resource preloaded
worker info URL: blob:https://www.realmoney.games/f60783da-87db-4a83-9699-a4460cd7355f(Line 17)
Message:
resource preloaded
worker info URL: blob:https://www.realmoney.games/f60783da-87db-4a83-9699-a4460cd7355f(Line 17)
Message:
resource preloaded
worker info URL: blob:https://www.realmoney.games/f60783da-87db-4a83-9699-a4460cd7355f(Line 17)
Message:
resource preloaded
worker info URL: blob:https://www.realmoney.games/f60783da-87db-4a83-9699-a4460cd7355f(Line 17)
Message:
resource preloaded
worker info URL: blob:https://www.realmoney.games/f60783da-87db-4a83-9699-a4460cd7355f(Line 17)
Message:
resource preloaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn1.pegasaas.io
code.afsanalytics.com
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.realmoney.games
www8.afsanalytics.com
13.32.99.47
142.250.181.226
142.250.184.194
142.250.184.228
142.250.185.106
142.250.185.130
142.250.185.162
142.250.185.163
142.250.185.225
142.250.186.130
142.250.186.34
158.69.57.44
192.99.104.202
194.1.147.9
038835fd3e7fd7949b1a9cb252ad58ad35853447236b8cbb564fc690b751fa97
0a186186e8c3f6ee6b237ca9fee6189527131fdd53b88672da91d812de3fa3c0
0d708e6899a77c81a9547e6d36f81d91d4391f1202c6cc973df9f5c106ece767
0fd5df88a668e5e342127a6c22ed6334386e0313c0b94f211cb4d272afca5ae7
13909b5f1d645883e519a46dd0c0c1389627f2fcadd89de55d4187e0c589c4aa
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
1847e3aa8cc07116e8f30cf63c5ec5766fd937876eaa79f9f0eb37a7927671f9
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
21d2d44493443e9b193cd5ac1c3d58db17556f91f1956cd861d3e7d180e1dfdc
2cdf32c98ea5a9a0a22993fa267b97742880149b84677513bd02eac9f3585c57
2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
398bc46da12b771055e1ef7d370871aa1b018f4ac9017b055ae89b739820e868
3ad59ede01d71e8d351c834c3cd8f3c7a93654546b27db1300f65de580df15c7
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4c88edd12cd064979abc0e8c35cb7a574ef2bc911c58cca171ccbd35aa2d9658
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
585396812fa714a22ef773bd528c8cd628ab7f36ca02efd1bbd9c2ab649d51c8
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6a9a5bafa80bff7a29351962671bfafad98917892a6ae4830b45fc7aa4d11bcf
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
791db71aa82200dd2edaa769bf323023984b206ef92a9a582c9ee141fb8046dc
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2
9bd66f06fe197d0f98c627d0fa9055b934ba1b465f537984a066eb8c6f9c06ca
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad8b12962ae8e7b1e5a90d30d5daf381777909bcc20b06faa9d148b888f6cc8b
bdb53e82984867714f3caacbc6985384da3579b8be3e39fe4c1d34342f48da46
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c55c351680b6f0e55abd5709619bfd76a1a6c823cc3afbf6881e3b199520cbcc
d0d654bf493a467ba511c90bfa36d8a9e68a369c28cfa204c29e95112cff8b97
d4d0fe576ed04c5a9ff78e041cb0cbc57f9fc3f90bf3f2fcfcabc38004ca7e28
d9c894588132662e56bfd636ab19a57831c4fe106a207a453f20b3be316732b5
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829