urlscan.io logo urlscan.io
SecurityTrails logo

royalsrealm.xyz Open in urlscan Pro
50.216.185.61  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://royalsrealm.xyz/
Effective URL: https://royalsrealm.xyz/
Submission: On December 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 21 HTTP transactions. The main IP is 50.216.185.61, located in Richmond, United States and belongs to COMCAST-7922, US. The main domain is royalsrealm.xyz.
TLS certificate: Issued by R3 on October 14th 2023. Valid for: 3 months.
This is the only time royalsrealm.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 50.216.185.61 7922 (COMCAST-7922)
6 2a00:1450:400... 15169 (GOOGLE)
6 108.181.20.35 40676 (AS40676)
2 78.46.33.196 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 8
2    50.216.185.61 (Richmond, United States)

ASN7922 (COMCAST-7922, US)
royalsrealm.xyz
6    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    108.181.20.35 (Los Angeles, United States)

ASN40676 (AS40676, US)
files.catbox.moe
2    78.46.33.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.33.46.78.clients.your-server.de
ad.a-ads.com
static.a-ads.com
2    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
224 KB
6 catbox.moe
files.catbox.moe — Cisco Umbrella Rank: 199634
2 MB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
2 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 34902
static.a-ads.com — Cisco Umbrella Rank: 49106
598 KB
2 royalsrealm.xyz
royalsrealm.xyz
4 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
21 6
Domain Requested by
6 files.catbox.moe royalsrealm.xyz
6 pagead2.googlesyndication.com royalsrealm.xyz
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 royalsrealm.xyz 1 redirects
1 www.google.com tpc.googlesyndication.com
1 static.a-ads.com ad.a-ads.com
1 ad.a-ads.com royalsrealm.xyz
21 8

This site contains links to these domains. Also see Links.

Domain
forum.royalsrealm.xyz
Subject Issuer Validity Valid
royalsrealm.xyz
R3		 2023-10-14 -
2024-01-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
catbox.moe
R3		 2023-12-05 -
2024-03-04		 3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2022-12-21 -
2024-01-21		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://royalsrealm.xyz/
Frame ID: 8E45788FA6CFAE0BD2ACEB88FA4D3014
Requests: 12 HTTP requests in this frame

Frame: https://ad.a-ads.com/2125309?size=250x250
Frame ID: B1B8385EC09541B091335A2D2192289E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20190131/zrt_lookup_fy2021.html
Frame ID: 8933ACFCC410B86B2E163B925722C156
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4848376860471852&output=html&adk=1812271804&adf=3025194257&lmt=1695924071&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x675_l%7C356x675_r&format=0x0&url=https%3A%2F%2Froyalsrealm.xyz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701893343015&bpp=2&bdt=176&idt=248&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7909650700387&frm=20&pv=2&ga_vid=1915576740.1701893343&ga_sid=1701893343&ga_hid=628413529&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079825%2C31079922%2C44807763%2C44808148%2C44808284&oid=2&pvsid=1346404329422997&tmod=1278602052&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=266
Frame ID: BB678704D38EFA781722C2F1BCD049A7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3BE4B692DBFC672518708BB005132F3F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2519D9322B52DE594767C3827A57D102
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Royals Realm Inc.

Page URL History Show full URLs

  1. http://royalsrealm.xyz/ HTTP 301
    https://royalsrealm.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

21
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

3069 kB
Transfer

3496 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://royalsrealm.xyz/ HTTP 301
    https://royalsrealm.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
royalsrealm.xyz/
Redirect Chain
  • http://royalsrealm.xyz/
  • https://royalsrealm.xyz/
13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://royalsrealm.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.216.185.61 Richmond, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b60e741720f8dadfc1e02b6942405caf2be878a5a5b70a5570c3599d1ad40a8d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3489
Content-Type
text/html
Date
Wed, 06 Dec 2023 20:09:02 GMT
ETag
"341c-6066f17d4f9cf-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 28 Sep 2023 18:01:11 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
313
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 06 Dec 2023 20:09:02 GMT
Keep-Alive
timeout=5, max=100
Location
https://royalsrealm.xyz/
Server
Apache/2.4.41 (Ubuntu)
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4848376860471852
Requested by
Host: royalsrealm.xyz
URL: https://royalsrealm.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdaa425569c3f5600973004d50b420a4773bf058c96a2080fa3b24a9ef8515fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://royalsrealm.xyz/
Origin
https://royalsrealm.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:09:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51769
x-xss-protection
0
server
cafe
etag
2546716238225485918
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 20:09:02 GMT
e5wt51.png
files.catbox.moe/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.catbox.moe/e5wt51.png
Requested by
Host: royalsrealm.xyz
URL: https://royalsrealm.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.181.20.35 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
nginx /
Resource Hash
8e6713a0a6e5a0c582d20885ba20b1ef48effdf06f10ff5b8c39108ab09c5ef8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://royalsrealm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:09:03 GMT
content-security-policy
default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options
nosniff
last-modified
Sat, 15 Apr 2023 20:06:24 GMT
server
nginx
etag
"643b03c0-c389"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
50057
1ystis.png
files.catbox.moe/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.catbox.moe/1ystis.png
Requested by
Host: royalsrealm.xyz
URL: https://royalsrealm.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.181.20.35 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
nginx /
Resource Hash
aa57f01214bc7ead354a25bc9c18a7891b31e7eec2c3d23b86f914fa2dc3b632
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://royalsrealm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:09:03 GMT
content-security-policy
default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options
nosniff
last-modified
Sat, 03 Dec 2022 04:15:57 GMT
server
nginx
etag
"638acd7d-1bd9"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
7129
b23pai.png
files.catbox.moe/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.catbox.moe/b23pai.png
Requested by
Host: royalsrealm.xyz
URL: https://royalsrealm.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.181.20.35 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
nginx /
Resource Hash
e59f8382e9ce18bb57388e0de8d5e10913bcd67819fc2647dc5a36f6424dca94
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://royalsrealm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:09:03 GMT
content-security-policy
default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options
nosniff
last-modified
Fri, 05 May 2023 22:32:56 GMT
server
nginx
etag
"64558418-4f2e"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
20270
sb7bju.jpeg
files.catbox.moe/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.catbox.moe/sb7bju.jpeg
Requested by
Host: royalsrealm.xyz
URL: https://royalsrealm.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.181.20.35 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
nginx /
Resource Hash
6f8005649c67ed68180262d69c5ce4b15450a34b9cae1b9229a970017dfba218
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://royalsrealm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:09:03 GMT
content-security-policy
default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options
nosniff
last-modified
Fri, 05 May 2023 22:32:40 GMT
server
nginx
etag
"64558408-dcc"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
3532
5w3op3.png
files.catbox.moe/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.catbox.moe/5w3op3.png
Requested by
Host: royalsrealm.xyz
URL: https://royalsrealm.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.181.20.35 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
nginx /
Resource Hash
91ec99046757b85dce04e3fa87d27d3a60cfd26f235e4964ffbbfdfa15832e31
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://royalsrealm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:09:03 GMT
content-security-policy
default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options
nosniff
last-modified
Fri, 05 May 2023 22:44:34 GMT
server
nginx
etag
"645586d2-11b91f"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
1161503
2125309
ad.a-ads.com/ Frame B1B8 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/2125309?size=250x250
Requested by
Host: royalsrealm.xyz
URL: https://royalsrealm.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.46.33.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.33.46.78.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
115439393c381a1434b4db2815bbca669ded2c71608a108b98e5f54b12b0169e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://royalsrealm.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 06 Dec 2023 20:09:02 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://royalsrealm.xyz/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
7qslyy.jpg
files.catbox.moe/ 		1019 KB
1020 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.catbox.moe/7qslyy.jpg
Requested by
Host: royalsrealm.xyz
URL: https://royalsrealm.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.181.20.35 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
nginx /
Resource Hash
f584d722ad0dfc4dc011fddb215ece6155652eb3836b4ffc5bb54d5a4c6bf5f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://royalsrealm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:09:03 GMT
content-security-policy
default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2023 02:02:54 GMT
server
nginx
etag
"6449d7ce-feb42"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
1043266
250x250
static.a-ads.com/a-ads-banners/393779/ Frame B1B8 		593 KB
594 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/393779/250x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2125309?size=250x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.46.33.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.33.46.78.clients.your-server.de
Software
nginx /
Resource Hash
86e5b7e8d1d9360d06c8bbeed2584da7d7a8546cea642a018ab4564e735866b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:09:03 GMT
x-amz-version-id
_QTQzA8CYqCJItjEG29aAMhy4MUtecd9
last-modified
Tue, 31 May 2022 13:36:40 GMT
server
nginx
x-amz-request-id
9CJA2HJX8BGAFAAX
etag
"bc68ae6f18a2d7f6a8e4bd5dca23a7d7"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
606750
x-amz-id-2
wjGCpb+Bm0+WJPXJZjCarZ8fe8E5lfiJVwU8Zhvk2Y4CTe2QaFnG5YKAf2o5dsSIddxrIyNyp6w=
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame B1B8 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 		398 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4848376860471852&plah=royalsrealm.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4848376860471852
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a7a0099696ceb276b107bd2eb5ddd5cd40cfac3c6ac22564f10d03263f0d47e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://royalsrealm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:09:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137566
x-xss-protection
0
server
cafe
etag
7086940496946609471
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 20:09:03 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231204/r20190131/ Frame 8933 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231204/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4848376860471852
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://royalsrealm.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
66984
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 01:32:39 GMT
etag
5585625838579639069
expires
Wed, 20 Dec 2023 01:32:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BB67 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4848376860471852&output=html&adk=1812271804&adf=3025194257&lmt=1695924071&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x675_l%7C356x675_r&format=0x0&url=https%3A%2F%2Froyalsrealm.xyz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701893343015&bpp=2&bdt=176&idt=248&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7909650700387&frm=20&pv=2&ga_vid=1915576740.1701893343&ga_sid=1701893343&ga_hid=628413529&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079825%2C31079922%2C44807763%2C44808148%2C44808284&oid=2&pvsid=1346404329422997&tmod=1278602052&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=266
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4848376860471852&plah=royalsrealm.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://royalsrealm.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 20:09:03 GMT
expires
Wed, 06 Dec 2023 20:09:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231204&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4848376860471852&plah=royalsrealm.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99a43ad4dd87f4e508846c92a8e7ce3c6b0d6eeaae622838331a561252b05c7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://royalsrealm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12306
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4848376860471852&plah=royalsrealm.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://royalsrealm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:09:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Dec 2023 20:09:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3BE4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://royalsrealm.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 19:26:35 GMT
expires
Thu, 05 Dec 2024 19:26:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2519 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5460eebc16f3c42aed44c82940e6596f39452c65066777a1a6a9ec239efd4254
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q3aSUebildLA0hvS5KM2ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://royalsrealm.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Q3aSUebildLA0hvS5KM2ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 20:09:06 GMT
expires
Wed, 06 Dec 2023 20:09:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 3BE4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:26:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
2574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 19:26:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2519 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231204&jk=1346404329422997&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 3BE4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?b6HCnQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:09:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231204&jk=1346404329422997&bg=!KyilKGfNAAY3kmNgF5I7ADQBe5WfOLyhSaliGUG41Syvo_-LKF3KmAPdGEgghBxcXL3Jtj-VIGDTD4pt5tamKA7G8UXpAgAAAKZSAAAAAmgBB5kCyOM_zvSc_4NFoudwxh9PYQxISEXCD2emYkpIr75rhNXFQ8R8LAByccRjmZqvSj265M8BtJ82OEZIJ9N6sYTldE8UqNXAH8QaTLbjk240V_oHOCJ4ZCDYekO5WBCRaOgFhdFFl0zaW5LjKWHk_e2hAWDxilUPEY5TVdg_usTNK4mfOrxEd-7R7lueat2El7ggRDK-UcnHZ16RnGqiuZKhNrqSjNnPi4U3iNYUk2P5PAZ2DJahztUWLiYmiwqndx9BOYM2xLTjEBFKtoM0-AtD3RuUK8Wdz8MiDVntl-hvRzUD9Q3YDFR4rd9M-gqN6UboYdtbHu2T4yzddionOoOaavxmtVaLesjeYavfOjgK4TO39dTRqxaZFXOapMyhhpWpCxDwB3AdUv5FDZqgGEKLrt8s1-q5UuZJWPuxjGuWN1xztIUH3Xf0O1HPRSSVKaz25fZlNY3GBoixJiDGJPIxrXiFZGUL3yJNzyvOAUxtB7Hc8XVNCqLck8GkeJZi0ZEs-hcKptma1Bw2IIjOvVHZfOgqczA75NFJZIge_qsEMmMOzpZOP5QG9gwjswz_EjHAxOBLIfic3rNgFcoOmxnogCxp34QUpwUFoVQOmQM02muZGjLYVf2okWka-mtgVsDCEx6oHYMB-8i8SrLZG6pKiG2tBOL3HELD1okSN72KzdjQqrndZtvtT8H0MWnfQoxG0vv1m2BRoBNiXG32_TChEvqXQnpMmR4FUS0d9hxxOz62ADNlPJWKD96jeMTK9NNZdZi5Y9WkH7nD4m8XhX7ZhS8p3JiQcywlTmTXlRj2u8S8ZJPGjHV2kBPgErsng7wmgahhWFxN3I0rp51PAdRuI0n5ozdJrgmdIwticfbroakqMIBdWJZpFGLG8rTsnFbkQRVxGjUh-J0erf85S8EOOdPdqFoYYJOpuXkHIZdrwa5i4iJbpZ8D5Sw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://royalsrealm.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
files.catbox.moe
googleads.g.doubleclick.net
pagead2.googlesyndication.com
royalsrealm.xyz
static.a-ads.com
tpc.googlesyndication.com
www.google.com
108.181.20.35
2a00:1450:4001:803::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:81c::2002
50.216.185.61
78.46.33.196
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
115439393c381a1434b4db2815bbca669ded2c71608a108b98e5f54b12b0169e
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
4a7a0099696ceb276b107bd2eb5ddd5cd40cfac3c6ac22564f10d03263f0d47e
5460eebc16f3c42aed44c82940e6596f39452c65066777a1a6a9ec239efd4254
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6f8005649c67ed68180262d69c5ce4b15450a34b9cae1b9229a970017dfba218
86e5b7e8d1d9360d06c8bbeed2584da7d7a8546cea642a018ab4564e735866b4
8e6713a0a6e5a0c582d20885ba20b1ef48effdf06f10ff5b8c39108ab09c5ef8
91ec99046757b85dce04e3fa87d27d3a60cfd26f235e4964ffbbfdfa15832e31
99a43ad4dd87f4e508846c92a8e7ce3c6b0d6eeaae622838331a561252b05c7e
aa57f01214bc7ead354a25bc9c18a7891b31e7eec2c3d23b86f914fa2dc3b632
b60e741720f8dadfc1e02b6942405caf2be878a5a5b70a5570c3599d1ad40a8d
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59f8382e9ce18bb57388e0de8d5e10913bcd67819fc2647dc5a36f6424dca94
f584d722ad0dfc4dc011fddb215ece6155652eb3836b4ffc5bb54d5a4c6bf5f8
fdaa425569c3f5600973004d50b420a4773bf058c96a2080fa3b24a9ef8515fa